Welcome to the Open Crypto Audit Project

The Open Crypto Audit Project (OCAP) is a community-driven global initiative which grew out of the first comprehensive public audit and cryptanalysis of the widely used encryption software TrueCrypt®. Our charter is to:

  • provide technical assistance to free open source software (“FOSS”) projects in the public interest
  • to coordinate volunteer technical experts in security, software engineering, and cryptography
  • to conduct analysis and research on FOSS and other widely software in the public interest
  • contract with professional security researchers and information security firms to provide highly specialized technical assistance, analysis and research on FOSS and other widely used software in the public interest

We operate as a U.S. non-profit organization, incorporated in the state of North Carolina, and are currently seeking federal 501c(3) tax-exempt designation.


“Furthermore, we will be reviewing our existing body of cryptographic work”

National Insitute of Standards and Technology, November 2013


April 2, 2015: Phase II analysis is completed and, pending an executive summary, TrueCrypt is Audited.

Update Feb 18, 2015: Update on the TrueCrypt Phase II cryptanalysis.

Update June 25, 2014: A verified TrueCrypt v. 7.1 source and binary mirror is online at GitHub. File hash lists are available as well.

Update April 14, 2014: The TrueCrypt Phase I Audit Report is available!