VeraCrypt

from Wikipedia, the free encyclopedia
VeraCrypt

logo
Screenshot
Basic data

developer IDRIX (Paris)
Publishing year June 22, 2013
Current  version 1.24-Update7
(August 7, 2020)
operating system Windows , macOS , Linux
programming language C , C ++ , assembler
category Full disk encryption
License Apache license and TrueCrypt license 3.0
German speaking Yes
veracrypt.fr

VeraCrypt is a software for data encryption, especially for the complete or partial encryption of hard drives and removable media . VeraCrypt first appeared in 2013 as a spin-off from TrueCrypt and is partially compatible with it. The project gained greater awareness due to the unexpected end of TrueCrypt's development.

safety

Version 7.1a of its predecessor, TrueCrypt, on which VeraCrypt is based, was audited and initially rated as having relatively few errors . An independent review of the source code of version 1.18 of VeraCrypt took place in 2016. This was carried out by the Quarkslab company in cooperation with the Ostif initiative . During the preparations, a message was issued that the audit might be sabotaged because emails between the parties had not achieved their goal. An incorrectly configured e-mail program was later suspected and the publication of these problems was described as a bug.

In August 2016, a serious error was confirmed in advance, which enables the detection of hidden containers (hidden volumes) in both TrueCrypt and VeraCrypt and thus removes the protection of the user through credible deniability . A solution was incorporated into version 1.18a of VeraCrypt, but users had to update their existing container files.

The final report revealed numerous programming errors. Some of these were only incorporated after the spin-off from TrueCrypt - others were already identified during the earlier audit and not remedied. The use of a known faulty version of the zlib program library from 1998 was criticized, especially since TrueCrypt was already using a more modern variant. In conjunction with complete encryption of the system partition, passwords are not overwritten at all or only insufficiently in the main memory , so that at least the length of the password can be read out. Furthermore, the newly added “ GOST 28147-89” algorithm was used in an unsafe manner.

The critical bugs in version 1.18 have been corrected in version 1.19.

VeraCrypt is also susceptible to general attacks involving software-based hard disk encryption methods. Since the need for decryption key in the memory of the computer is stored in access to the hardware deployed one is cold boot attack possible. Passwords can be intercepted by malware or by compromising the system on the hardware side, such as hardware keyloggers , but the use of key files can make this attack method more difficult.

In a security investigation of the predecessor software TrueCrypt from 2010 by the Federal Office for Information Security (BSI), which was only published in December 2019 , numerous errors classified as security-relevant were listed, many of which were also in the Veracrypt version that was current at the time of publication (1.24 ) were still included. However, when viewed individually, none of the weaknesses was dramatic and some of the errors were fixed immediately.

Functions

Compatibility with TrueCrypt

VeraCrypt is largely compatible with TrueCrypt. Accordingly, the program enables existing TrueCrypt containers to be decrypted with the help of a compatibility mode. Furthermore, many of the functions of the TrueCrypt derivative can also be found in its root. However, many of the improvements implemented by the VeraCrypt developers can only be used in the Acrylic container format. Therefore, the publishers of VeraCrypt recommend migrating to its own format.

Encryption options

VeraCrypt offers the option of encrypting entire systems, individual partitions or so-called containers. The latter are special, fixed-size files that are treated like virtual drives after decryption . XTS is used as the encryption mode.

Algorithms

As encryption algorithms are AES , Serpent , Twofish , Camellia and Kuznyechik available. The selection options and the theoretical strength of the encryption are increased by the fact that the algorithms AES, Serpent and Twofish can be combined with one another in cascades.

The block cipher Magma (defined in the Russian standard GOST 28147-89) was also temporarily available. However, this encryption was removed with version 1.19 after a security audit (VeraCrypt 1.18 Security Assessment), since Magma is now cryptographically weak.

For the cryptographic hashes are SHA-256 , SHA-512 , Streebog , RIPEMD-160 and Whirlpool available. Starting with VeraCrypt 1.0f, it was no longer possible to create new containers with the outdated hash function RIPEMD-160 , but it still supports the creation of system partitions.

Personal iteration multiplier

The VeraCrypt developers understand the Personal Iterations Multiplier (PIM) to be a possibility introduced in version 1.12 of changing the number of encryption iterations .

The 512-byte header of a container contains, among other things, the master key with which the container can be decrypted. To make it more difficult for potential attackers to guess this key through trial and error ( brute force method ), the hash functions for creating the header are called several times. VeraCrypt's developers decided to significantly increase the number of these iterations from around 1000. With RIPEMD-160, for example, up to 327,661 iterations are carried out with complete system encryption, with standard containers and simple partitions it can even be up to 655,331.

Although this significantly increases the theoretical security, it also increases the time required for decryption. However, the time required for file access remains unchanged. Hence, VeraCrypt allows users to vary the number of iterations. The scheme for calculating the iterations is PIM × 2048 for system partitions , while it is 15000+ (PIM × 1000) for the remaining possible uses . The value of the PIM must be specified every time for unlocking.

For security reasons, a very small number of iterations is only possible for long passwords with more than 20 characters.

Credible deniability

Like the TrueCrypt model, VeraCrypt enables users to be credibly denied . This is implemented through so-called hidden volumes (German: hidden containers).

This is understood to mean a virtual drive hidden within another container that has to be unlocked with the help of a separate password. By default, free space in a regular container is filled with random data. VeraCrypt stores any hidden container in this free area. An outside viewer cannot tell whether an area of ​​a container is overwritten free storage space or a hidden container.

The outer and the hidden container are each accessible with a separate password. Depending on which of the two passwords is entered, the respective container is unlocked. In this way, when users are asked to hand over the password by the authorities, for example, they can reveal less sensitive data by typing in the password for the outer container without the more sensitive data in the hidden container becoming recognizable. Since an attacker cannot see that a hidden container has been used, the data remains protected.

power

VeraCrypt supports the parallel encryption for multicore systems and, under Microsoft Windows , the so-called pipelined read and write requests (a form of asynchronous calculation) to optimize the performance of encryption and decryption. CPUs that support the AES-NI set can use the AES algorithm with hardware acceleration with Veracrypt, which increases performance. 64-bit CPUs have been optimized in VeraCrypt for the use of Twofish and Camellia .

Web links

Commons : VeraCrypt  - Collection of Images

Individual evidence

  1. Release Notes. In: veracrypt.fr. Accessed August 9, 2020 (English).
  2. VeraCrypt . May 5, 2018 (veracrypt.fr [accessed May 23, 2018]).
  3. Hauke ​​Gierow: Mails about VeraCrypt audit disappear without a trace. In: golem.de. August 15, 2016, accessed July 1, 2017 .
  4. Hauke ​​Gierow: Hidden volumes are not hidden. In: golem.de. August 22, 2016. Retrieved July 1, 2017 .
  5. Hanno Böck: Veracrypt Audit finds serious security gaps. In: golem.de. October 18, 2016, accessed July 1, 2017 .
  6. ostifadmin: The QuarksLab audit of VeraCrypt has been completed, and this is the public release of the results. In: ostif.org. October 17, 2016, accessed July 1, 2017 .
  7. Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors. (PDF) Accessed October 8, 2018 .
  8. Hanno Böck: BSI hides Truecrypt security problems . In: golem.de . December 16, 2019 (p. 3 of the article)
  9. Olivia von Westernhagen: BSI had to publish audit results on TrueCrypt security deficiencies . In: heise online . 17th December 2019.
  10. Andreas Maslo: Advantages of VeraCrypt data encryption. In: com! September 8, 2015, accessed July 1, 2017 .
  11. a b Encrypt data. In: Privacy Handbook. Retrieved July 1, 2017 .
  12. a b Mounir Idrassi: Why is this more secure than TrueCrypt? In: VeraCrypt forum. October 14, 2014, accessed July 1, 2017 .
  13. Mounir Idrassi: Encryption Algorithms. In: VeraCrypt Documentation. October 17, 2016, accessed July 1, 2017 .
  14. Mounir Idrassi: Hash Algorithms. In: VeraCrypt Documentation. August 27, 2016, accessed July 1, 2017 .
  15. Mounir Idrassi: Missing Hash Algo RIPEMD-160. In: VeraCrypt forum. June 12, 2015, accessed July 27, 2017 .
  16. Mounir Idrassi: Header Key Derivation, Salt, and Iteration Count. In: VeraCrypt Documentation. July 9, 2015, accessed July 1, 2017 .
  17. Hauke ​​Gierow: VeraCrypt is looking for Windows programmers. In: golem.de . January 20, 2016, accessed July 1, 2017 .
  18. Mounir Idrassi: Hidden volume. In: VeraCrypt Documentation. July 3, 2016, accessed July 1, 2017 .
  19. CodePlex Archive. Retrieved May 25, 2020 .
  20. CodePlex Archive. Retrieved May 25, 2020 .
  21. VeraCrypt - Free Open Source Disk Encryption with Strong Security for the Paranoid. Retrieved May 25, 2020 .