On behalf of the Federal Office for Information Security (BSI), the Fraunhofer Institute for Secure Information Technology SIT examined the security of the VeraCrypt encryption software.
VeraCrypt is open source encryption software for Windows, Linux and macOS. The software enables the encryption of an entire hard drive and the creation of encrypted containers. VeraCrypt is the successor to the well-known encryption software TrueCrypt, the development of which was unexpectedly discontinued in 2014.
VeraCrypt: No vulnerabilities identified
The VeraCrypt investigation did not identify any serious vulnerabilities. However, in several areas (e.g. in the development process and on the subject of code quality) there was potential for improvement. The security analysis was made available to the VeraCrypt team prior to release. As a result, the first suggestions for improvement from the analysis have already flowed into a patch of the software.
Directly to the PDF analysis at BSI.bund.de