VERACRYPT FREE OPEN-SOURCE ON-THE-FLY ENCRYPTION USER’S GUIDE veracrypt.codeplex.com Version Information VeraCrypt User’s Guide, version 1.16 th Released by IDRIX on October 7 , 2015 Legal Notices THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED, OR STATUTORY. THE ENTIRE RISK AS TO THE QUALITY, CORRECTNESS, ACCURACY, OR COMPLETENESS OF THE CONTENT OF THIS DOCUMENT IS WITH YOU.
CONTENTS Introduction .......................................................................................................................................... 5 Beginner’s Tutorial............................................................................................................................... 7 How to Create and Use a VeraCrypt Container ......................................................................... 7 How to Create and Use a VeraCrypt-Encrypted Partition/Device ...................
Pipelining ............................................................................................................................................ 63 Hardware Acceleration ...................................................................................................................... 64 Hot Keys .............................................................................................................................................. 66 Keyfiles .................................................
How to Back Up Securely ................................................................................................................ 101 Non-System Volumes ............................................................................................................ 101 System Partitions .................................................................................................................... 101 General Notes ......................................................................................
PREFACE Please note that although most chapters of this documentation apply generally to all versions of VeraCrypt, some sections are primarily aimed at users of the Windows versions of VeraCrypt. Hence, such sections may contain information that is inappropriate in regards to the Mac OS X and Linux versions of VeraCrypt. Introduction VeraCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device).
Beginner’s Tutorial How to Create and Use a VeraCrypt Container This chapter contains step-by-step instructions on how to create, mount, and use a VeraCrypt volume. We strongly recommend that you also read the other sections of this manual, as they contain important information. STEP 1: If you have not done so, download and install VeraCrypt. Then launch VeraCrypt by double-clicking the file VeraCrypt.exe or by clicking the VeraCrypt shortcut in your Windows Start menu.
STEP 3: The VeraCrypt Volume Creation Wizard window should appear. In this step you need to choose where you wish the VeraCrypt volume to be created. A VeraCrypt volume can reside in a file, which is also called container, in a partition or drive. In this tutorial, we will choose the first option and create a VeraCrypt volume within a file. As the option is selected by default, you can just click Next. Note: In the following steps, the screenshots will show only the right-hand part of the Wizard window.
STEP 4: In this step you need to choose whether to create a standard or hidden VeraCrypt volume. In this tutorial, we will choose the former option and create a standard VeraCrypt volume. As the option is selected by default, you can just click Next.
STEP 5: In this step you have to specify where you wish the VeraCrypt volume (file container) to be created. Note that a VeraCrypt container is just like any normal file. It can be, for example, moved or deleted as any normal file. It also needs a filename, which you will choose in the next step. Click Select File. The standard Windows file selector should appear (while the window of the VeraCrypt Volume Creation Wizard remains open in the background).
STEP 6: In this tutorial, we will create our VeraCrypt volume in the folder F:\Data\ and the filename of the volume (container) will be My Volume (as can be seen in the screenshot above). You may, of course, choose any other filename and location you like (for example, on a USB memory stick). Note that the file My Volume does not exist yet – VeraCrypt will create it. IMPORTANT: Note that VeraCrypt will not encrypt any existing files (when creating a VeraCrypt file container).
STEP 7: In the Volume Creation Wizard window, click Next. STEP 8: Here you can choose an encryption algorithm and a hash algorithm for the volume. If you are not sure what to select here, you can use the default settings and click Next (for more information, see chapters Encryption Algorithms and Hash Algorithms).
STEP 9: Here we specify that we wish the size of our VeraCrypt container to be 250 megabyte. You may, of course, specify a different size. After you type the desired size in the input field (marked with a red rectangle), click Next.
STEP 10: This is one of the most important steps. Here you have to choose a good volume password. Read carefully the information displayed in the Wizard window about what is considered a good password. After you choose a good password, type it in the first input field. Then re-type it in the input field below the first one and click Next. Note: The button Next will be disabled until passwords in both input fields are the same.
STEP 11: Move your mouse as randomly as possible within the Volume Creation Wizard window at least for 30 seconds. The longer you move the mouse, the better. This significantly increases the cryptographic strength of the encryption keys (which increases security). Click Format. Volume creation should begin. VeraCrypt will now create a file called My Volume in the folder F:\Data\ (as we specified in Step 6). This file will be a VeraCrypt container (it will contain the encrypted VeraCrypt volume).
STEP 12: We have just successfully created a VeraCrypt volume (file container). In the VeraCrypt Volume Creation Wizard window, click Exit. The Wizard window should disappear. In the remaining steps, we will mount the volume we just created. We will return to the main VeraCrypt window (which should still be open, but if it is not, repeat Step 1 to launch VeraCrypt and then continue from Step 13.
STEP 13: Select a drive letter from the list (marked with a red rectangle). This will be the drive letter to which the VeraCrypt container will be mounted. Note: In this tutorial, we chose the drive letter M, but you may of course choose any other available drive letter.
STEP 14: Click Select File. The standard file selector window should appear.
STEP 15: In the file selector, browse to the container file (which we created in Steps 6-11) and select it. Click Open (in the file selector window). The file selector window should disappear. In the following steps, we will return to the main VeraCrypt window.
STEP 16: In the main VeraCrypt window, click Mount. Password prompt dialog window should appear. STEP 17: Type the password (which you specified in Step 10) in the password input field (marked with a red rectangle).
STEP 18: Select the PRF algorithm that was used during the creation of the volume (SHA-512 is the default PRF used by VeraCrypt). If you don’t remember which PRF was used, just leave it set to “autodetection” but the mounting process will take more time. Click OK after entering the password. VeraCrypt will now attempt to mount the volume.
FINAL STEP: We have just successfully mounted the container as a virtual disk M: The virtual disk is entirely encrypted (including file names, allocation tables, free space, etc.) and behaves like a real disk. You can save (or copy, move, etc.) files to this virtual disk and they will be encrypted on the fly as they are being written. If you open a file stored on a VeraCrypt volume, for example, in media player, the file will be automatically decrypted to RAM (memory) on the fly while it is being read.
You can also browse to the mounted volume the way you normally browse to any other types of volumes. For example, by opening the ‘Computer’ (or ‘My Computer’) list and double clicking the corresponding drive letter (in this case, it is the letter M). You can copy files (or folders) to and from the VeraCrypt volume just as you would copy them to any normal disk (for example, by simple drag-and-drop operations).
If you want to close the volume and make files stored on it inaccessible, either restart your operating system or dismount the volume. To do so, follow these steps: Select the volume from the list of mounted volumes in the main VeraCrypt window (marked with a red rectangle in the screenshot above) and then click Dismount (also marked with a red rectangle in the screenshot above). To make files stored on the volume accessible again, you will have to mount the volume. To do so, repeat Steps 13-18.
VeraCrypt Volume There are two types of VeraCrypt volumes: File-hosted (container) Partition/device-hosted (non-system) Note: In addition to creating the above types of virtual volumes, VeraCrypt can encrypt a physical partition/drive where Windows is installed (for more information, see the chapter System Encryption). A VeraCrypt file-hosted volume is a normal file, which can reside on any type of storage device. It contains (hosts) a completely independent encrypted virtual disk device.
Quick Format If unchecked, each sector of the new volume will be formatted. This means that the new volume will be entirely filled with random data. Quick format is much faster but may be less secure because until the whole volume has been filled with files, it may be possible to tell how much data it contains (if the space was not filled with random data beforehand). If you are not sure whether to enable or disable Quick Format, we recommend that you leave this option unchecked.
Hardware/Software RAID, Windows Dynamic Volumes VeraCrypt supports hardware/software RAID as well as Windows dynamic volumes. Windows Vista or later: Dynamic volumes are displayed in the ‘Select Device’ dialog window as \Device\HarddiskVolumeN.
Favorite Volumes Favorite volumes are useful, for example, in any the following cases: You have a volume that always needs to be mounted to a particular drive letter. You have a volume that needs to be automatically mounted when its host device gets connected to the computer (for example, a container located on a USB flash drive or external USB hard drive). You have a volume that needs to be automatically mounted when you log on to the operating system.
Selected or all favorite volumes can be mounted automatically whenever its host device gets connected to the computer. To set this up, follow these steps: 1. Mount the volume (to the drive letter to which you want it to be mounted every time). 2. Right-click the mounted volume in the drive list in the main VeraCrypt window and select ‘Add to Favorites’. 3. The Favorites Organizer window should appear now.
Warning: When the drive letter assigned to a favorite volume (saved in the configuration file) is not free, the volume is not mounted and no error message is displayed. To remove a volume form the list of favorite volumes, select Favorites > Organize Favorite Volumes, select the volume, click Remove, and click OK.
The order in which system favorite volumes are displayed in the System Favorites Organizer window (Favorites > ‘Organize System Favorite Volumes’) is the order in which the volumes are mounted. You can use the Move Up and Move Down buttons to change the order of the volumes. A special label can be assigned to each system favorite volume. This label is not the same as the filesystem label and it is shown within the VeraCrypt user interface instead of the volume path.
System Encryption VeraCrypt can on-the-fly encrypt a system partition or entire system drive, i.e. a partition or drive where Windows is installed and from which it boots. System encryption provides the highest level of security and privacy, because all files, including any temporary files that Windows and applications create on the system partition (typically, without your knowledge or consent), hibernation files, swap files, etc.
Operating Systems Supported for System Encryption Note: After this version of VeraCrypt was released, a new version of an operating system may have been released and verified to be fully compatible with VeraCrypt. Therefore, if this is the latest stable version of VeraCrypt, you should check the online version of this chapter at: https://veracrypt.codeplex.
your CD/DVD drive, and restart your computer. Note: This feature cannot be used to restore the header of a hidden volume within which a hidden operating system resides (see the section Hidden Operating System). To restore such a volume header, click Select Device, select the partition behind the decoy system partition, click OK, select Tools -> Restore Volume Header and then follow the instructions.
information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor’s technical support team for assistance). Then restart your computer. The VeraCrypt Rescue Disk screen should appear now. Note: In the VeraCrypt Rescue Disk screen, you can select ‘Repair Options’ by pressing F8 on your keyboard. If your Rescue Disk is damaged, you can create a new one by selecting System > Create Rescue Disk.
Plausible Deniability In case an adversary forces you to reveal your password, VeraCrypt provides and supports two kinds of plausible deniability: 1. Hidden volumes (for more information, see the section Hidden Volume below) and hidden operating systems (see the section Hidden Operating System). 2. Until decrypted, a VeraCrypt partition/device appears to consist of nothing more than random data (it does not contain any kind of "signature").
Hidden Volume It may happen that you are forced by somebody to reveal the password to an encrypted volume. There are many situations where you cannot refuse to reveal the password (for example, due to extortion). Using a so-called hidden volume allows you to solve such situations without revealing the password to your volume. The layout of a standard VeraCrypt volume before and after a hidden volume was created within it.
anyone who would force you to hand over the password. You will reveal only the password for the outer volume, not for the hidden one. Files that really are sensitive will be stored on the hidden volume. A hidden volume can be mounted the same way as a standard VeraCrypt volume: Click Select File or Select Device to select the outer/host volume (important: make sure the volume is not mounted). Then click Mount, and enter the password for the hidden volume.
Protection of Hidden Volumes Against Damage If you mount a VeraCrypt volume within which there is a hidden volume, you may read data stored on the (outer) volume without any risk. However, if you (or the operating system) need to save data to the outer volume, there is a risk that the hidden volume will get damaged (overwritten). To prevent this, you should protect the hidden volume in a way described in this section.
volume protection can be activated only by users who supply the correct password (and/or keyfiles) for the hidden volume (each time they mount the outer volume). As soon as a write operation to the hidden volume area is denied/prevented (to protect the hidden volume), the entire host volume (both the outer and the hidden volume) becomes write-protected until dismounted (the VeraCrypt driver reports the ‘invalid parameter’ error to the system upon each attempt to write data to the volume).
There are several ways to check that a hidden volume is being protected against damage: 1. A confirmation message box saying that hidden volume is being protected is displayed after the outer volume is mounted (if it is not displayed, the hidden volume is not protected!). 2. In the Volume Properties dialog, the field Hidden Volume Protected says ‘Yes’: 3.
If you want to mount an outer volume and protect a hidden volume within using cached passwords, then follow these steps: Hold down the Control (Ctrl) key when clicking Mount (or select Mount with Options from the Volumes menu). This will open the Mount Options dialog. Enable the option ‘Protect hidden volume against damage caused by writing to outer volume’ and leave the password box empty. Then click OK.
(e.g. the value of a timer or counter) that can be used to determine that a block had been written earlier than another block and/or to determine how many times a block has been written/read. Therefore, do not store hidden volumes on such devices/filesystems. To find out whether a device/system saves such data, please refer to documentation supplied with the device/system or contact the vendor/manufacturer.
o Linux: Download or create a "live-CD" version of your operating system (i.e. a "live" Linux system entirely stored on and booted from a CD/DVD) that ensures that any data written to the system volume is written to a RAM disk. Mount hidden volumes only when such a "live-CD" system is running.
booting the decoy system. This is required to clear the memory, which may contain sensitive data. For more information, see the section Unencrypted Data in RAM in the chapter Security Requirements and Precautions. o The computer may be connected to a network (including the internet) only when the decoy operating system is running.
Hidden Operating System If your system partition or system drive is encrypted using VeraCrypt, you need to enter your preboot authentication password in the VeraCrypt Boot Loader screen after you turn on or restart your computer. It may happen that you are forced by somebody to decrypt the operating system or to reveal the pre-boot authentication password. There are many situations where you cannot refuse to do so (for example, due to extortion).
are normally stored). If it fails and if there is a partition behind the active partition, the VeraCrypt Boot Loader (even if there is actually no hidden volume on the drive) automatically tries to decrypt (using the same entered password again) the area of the first partition behind the active partition* where the encrypted header of a possible hidden volume might be stored.
Process of Creation of Hidden Operating System To start the process of creation of a hidden operating system, select System > Create Hidden Operating System and then follow the instructions in the wizard. Initially, the wizard verifies that there is a suitable partition for a hidden operating system on the system drive. Note that before you can create a hidden operating system, you need to create a partition for it on the system drive.
after the hidden system has been created. Afterwards, in order to achieve plausible deniability, VeraCrypt will prompt you to install a new system on the partition and encrypt it using VeraCrypt. Thus, you will create the decoy system and the whole process of creation of the hidden operating system will be completed.
(other than creating a hidden operating system), you can provide, for example, one of the following explanations: If there are more than two partitions on a system drive and you want to encrypt only two of them (the system partition and the one behind it) and to leave the other partitions unencrypted (for example, to achieve the best possible performance when reading and writing data, which is not sensitive, to such unencrypted partitions), the only way to do that is to encrypt both partitions separately
Note: When the user attempts to encrypt the system partition with a cascade encryption algorithm, VeraCrypt warns him or her that it can cause the following problems (and implicitly recommends to choose a non-cascade encryption algorithm instead): o o For cascade encryption algorithms, the VeraCrypt Boot Loader is larger than normal and, therefore, there is not enough space in the first drive track for a backup of the VeraCrypt Boot Loader.
If all the instructions in the wizard have been followed and if the security requirements and precautions listed in the subsection Security Requirements and Precautions Pertaining to Hidden Volumes are followed, it should be impossible to prove that the hidden volume and hidden operating system exist, even when the outer volume is mounted or when the decoy operating system is decrypted or started.
Main Program Window Select File Allows you to select a file-hosted VeraCrypt volume. After you select it, you can perform various operations on it (e.g., mount it by clicking ‘Mount’). It is also possible to select a volume by dragging its icon to the ‘VeraCrypt.exe’ icon (VeraCrypt will be automatically launched then) or to the main program window. Select Device Allows you to select a VeraCrypt partition or a storage device (such as a USB memory stick).
Dismount All Note: The information in this section applies to all menu items and buttons with the same or similar caption (for example, it also applies to the system tray menu item Dismount All). This function allows you to dismount multiple VeraCrypt volumes. To dismount a VeraCrypt volume means to close it and make it impossible to read/write from/to the volume.
VeraCrypt volume when VeraCrypt runs in portable mode, or mount a writable NTFS-formatted volume on Windows Vista or later, the VeraCrypt driver may not be unloaded when you exit VeraCrypt (it will be unloaded only when you shut down or restart the system). This prevents various problems caused by a bug in Windows (for instance, it would be impossible to start VeraCrypt again as long as there are applications using the dismounted volume).
Program Menu Note: To save space, only the menu items that are not self-explanatory are described in this documentation. Volumes -> Auto-Mount All Device-Hosted Volumes See the section Auto-Mount Devices. Volumes -> Dismount All Mounted Volumes See the section Dismount All. Volumes -> Change Volume Password Allows changing the password of the currently selected VeraCrypt volume (no matter whether the volume is hidden or standard).
information, see the section Header Key Derivation, Salt, and Iteration Count. Note: When VeraCrypt re-encrypts a volume header, the original volume header is first overwritten many times (3, 7, 35 or 256 depending on the user choice) with random data to prevent adversaries from using techniques such as magnetic force microscopy or magnetic force scanning tunneling microscopy [17] to recover the overwritten header (however, see also the chapter Security Requirements and Precautions).
Note 1: If you need to mount multiple partitions at once, click ‘Auto-Mount Devices’, then click ‘Mount Options’ and enable the option ‘Mount partition using system encryption without pre-boot authentication’. Please note you cannot use this function to mount extended (logical) partitions that are located on an entirely encrypted system drive. Tools -> Clear Volume History Clears the list containing the file names (if file-hosted) and paths of the last twenty successfully mounted volumes.
when the backup is created, the same keyfile(s) will be necessary to mount the volume again after the volume header is restored. For more information, see the section Encryption Scheme in the chapter Technical Details. After you create a volume header backup, you might need to create a new one only when you change the volume password and/or keyfiles. Otherwise, the volume header remains unmodified so the volume header backup remains up-to-date.
Settings -> Preferences Invokes the Preferences dialog window, where you can change, among others, the following options: Wipe cached passwords on exit If enabled, passwords (which may also contain processed keyfile contents) cached in driver memory will be cleared when VeraCrypt exits. Cache passwords in driver memory When checked, passwords and/or processed keyfile contents for up to last four successfully mounted VeraCrypt volumes are cached.
drive encrypted by VeraCrypt, mounted when the encrypted operating system is running). o VeraCrypt volumes that are not fully accessible to the user account (e.g. a volume mounted from within another user account). o VeraCrypt volumes that are not displayed in the VeraCrypt application window.
Mounting VeraCrypt Volumes If you have not done so yet, please read the sections ‘Mount‘ and ‘Auto-Mount Devices‘ in the chapter Main Program Window. Cache Password in Driver Memory This option can be set in the password entry dialog so that it will apply only to that particular mount attempt. It can also be set as default in the Preferences. For more information, please see the section Settings -> Preferences, subsection Cache passwords in driver memory.
Parallelization When your computer has a multi-core processor (or multiple processors), VeraCrypt uses all of the cores (or processors) in parallel for encryption and decryption. For example, when VeraCrypt is to decrypt a chunk of data, it first splits the chunk into several smaller pieces. The number of the pieces is equal to the number of the cores (or processors). Then, all of the pieces are decrypted in parallel (piece 1 is decrypted by thread 1, piece 2 is decrypted by thread 2, etc).
Hardware Acceleration Some processors (CPUs) support hardware-accelerated AES encryption,* which is typically 4-8 times faster than encryption performed by the purely software implementation on the same processors. By default, VeraCrypt uses hardware-accelerated AES on computers that have a processor where the Intel AES-NI instructions are available. Specifically, VeraCrypt uses the AES-NI instructions that perform so-called AES rounds (i.e. the main portions of the AES algorithm).
more details about these transformations, see [3]).
Hot Keys To set system-wide VeraCrypt hot keys, click Settings -> Hot Keys. Note that hot keys work only when VeraCrypt or the VeraCrypt Background Task is running.
Keyfiles Keyfile is a file whose content is combined with a password (for information on the method used to combine a keyfile with password, see the chapter Technical Details, section Keyfiles). Until the correct keyfile is provided, no volume that uses the keyfile can be mounted. You do not have to use keyfiles. However, using keyfiles has some advantages: May improve protection against brute force attacks (significant particularly if the volume password is not very strong).
These control elements appear in various dialog windows and always have the same functions. Check the Use keyfiles option and click Keyfiles. The keyfile dialog window should appear where you can specify keyfiles (to do so, click Add Files or Add Token Files) or keyfile search paths (click Add Path). Security Tokens and Smart Cards VeraCrypt can directly use keyfiles stored on a security token or smart card that complies with the PKCS #11 (2.
Keyfile Search Path By adding a folder in the keyfile dialog window (click Add Path), you specify a keyfile search path. All files found in the keyfile search path* will be used as keyfiles. Important: Note that folders (and files they contain) found in keyfile search paths are ignored. Keyfile search paths are especially useful if you, for example, store keyfiles on a USB memory stick that you carry with you. You can set the drive letter of the USB memory stick as a default keyfile search path.
Volumes -> Add/Remove Keyfiles to/from Volume This function allows you to re-encrypt a volume header with a header encryption key derived from any number of keyfiles (with or without a password), or no keyfiles at all. Thus, a volume which is possible to mount using only a password can be converted to a volume that require keyfiles (in addition to the password) in order to be possible to mount. Note that the volume header contains the master encryption key with which the volume is encrypted.
WARNING: When you add a folder (as opposed to a file) to your default keyfile list, only the path is remembered, not the filenames! This means e.g. that if you create a new file in the folder or if you copy an additional file to the folder, then all volumes that used keyfiles from the folder will be impossible to mount (until you remove the newly added file from the folder).
Security Tokens & Smart Cards VeraCrypt supports security (or cryptographic) tokens and smart cards (smart card readers) that can be accessed using the PKCS #11 (2.0 or later) protocol [23]. For more information, please see the section Security Tokens and Smart Cards in the chapter Keyfiles.
Portable Mode VeraCrypt can run in so-called portable mode, which means that it does not have to be installed on the operating system under which it is run. However, there are two things to keep in mind: 1) You need administrator privileges in order to be able to run VeraCrypt in portable mode (for the reasons, see the chapter Using VeraCrypt Without Administrator Privileges).
Include VeraCrypt Volume Creation Wizard Check this option, if you need to create new VeraCrypt volumes using VeraCrypt run from the traveler disk you will create. Unchecking this option saves space on the traveler disk. AutoRun Configuration (autorun.inf) In this section, you can configure the ‘traveler disk’ to automatically start VeraCrypt or mount a specified VeraCrypt volume when the ‘traveler disk’ is inserted. This is accomplished by creating a special script file called ‘autorun.
TrueCrypt Support Starting from version 1.0f, VeraCrypt supports loading TrueCrypt volumes and partitions, both normal and hidden. In order to activate this, you have to check “TrueCrypt Mode” in the password prompt dialog as shown below. Note: Only volumes and partitions created using TrueCrypt versions 6.x and 7.x are supported. Converting TrueCrypt volumes and partitions Starting from version 1.
Default Mount Parameters Starting from version 1.0f-2, it is possible to specify the PRF algorithm and the TrueCrypt mode that will be selected by default in the password dialog. As show below, select the entry "Default Mount Parameters" under the menu "Settings": The following dialog will be displayed: Make your modifications and then click OK. The chosen values are then written to VeraCrypt main configuration file (Configuration.xml) making them persistent.
Language Packs Language packs contain third-party translations of the VeraCrypt user interface texts. Some language packs also contain translated VeraCrypt User Guide. Note that language packs are currently supported only by the Windows version of VeraCrypt. Installation Since version 1.0e, all language packs are included in the VeraCrypt Windows installer and they can be found in VeraCrypt installation directory.
Encryption Algorithms VeraCrypt volumes can be encrypted using the following algorithms: Algorithm Designer(s) Key Size (Bits) Block Size (Bits) Mode of Operation AES J. Daemen, V. Rijmen 256 128 XTS Serpent R. Anderson, E. Biham, L. Knudsen 256 128 XTS Twofish B. Schneier, J. Kelsey, D. Whiting, D. Wagner, C. Hall, N.
Serpent Designed by Ross Anderson, Eli Biham, and Lars Knudsen; published in 1998. It uses a 256-bit key, 128-bit block, and operates in XTS mode (see the section Modes of Operation). Serpent was one of the AES finalists. It was not selected as the proposed AES algorithm even though it appeared to have a higher security margin than the winning Rijndael [4]. More concretely, Serpent appeared to have a high security margin, while Rijndael appeared to have only an adequate security margin [4].
Serpent-AES Two ciphers in a cascade [15, 16] operating in XTS mode (see the section Modes of Operation). Each 128-bit block is first encrypted with AES (256-bit key) in XTS mode and then with Serpent (256-bit key) in XTS mode. Each of the cascaded ciphers uses its own key. All encryption keys are mutually independent (note that header keys are independent too, even though they are derived from a single password – see the section Header Key Derivation, Salt, and Iteration Count).
Hash Algorithms In the Volume Creation Wizard, in the password change dialog window, and in the Keyfile Generator dialog window, you can select a hash algorithm. A user-selected hash algorithm is used by the VeraCrypt Random Number Generator as a pseudorandom “mixing” function, and by the header key derivation function (HMAC based on a hash function, as specified in PKCS #5 v2.0) as a pseudorandom function.
Supported Operating Systems Note: After this version of VeraCrypt was released, a new version of an operating system may have been released, verified to be fully compatible with VeraCrypt and added to the list of supported systems. Therefore, if this is the latest stable version of VeraCrypt, you should check the online version of this chapter at https://veracrypt.codeplex.com/wikipage?title=Supported%20Operating%20Systems.
Command Line Usage Note that this section applies to the Windows version of VeraCrypt. For information on command line usage applying to the Linux and Mac OS X versions, please run: veracrypt –h /help or /? Display command line help. /truecrypt or /tc Activate TrueCrypt compatibility mode which enables mounting volumes created with TrueCrypt 6.x and 7.x. /hash It must be followed by a parameter indicating the PRF hash algorithm to use when mounting the volume.
/tryemptypass ONLY when default keyfile configured or when a keyfile is specified in the command line. If it is followed by y or yes or if no parameter is specified: try to mount using an empty password and the keyfile before displaying password prompt. If it is followed by n or no: don't try to mount using an empty password and the keyfile, and display password prompt right away. /tokenlib It must be followed by a parameter indicating the PKCS #11 library to use for security tokens and smart cards. (e.
sm or system: Without pre-boot authentication, mount a partition that is within the key scope of system encryption (for example, a partition located on the encrypted system drive of another operating system that is not running). Useful e.g. for backup or repair operations. Note: If you supply a password as a parameter of /p, make sure that the password has been typed using the standard US keyboard layout (in contrast, the GUI ensures this automatically).
when creating the volume. It has the same syntax as VeraCrypt.exe. /encryption /filesystem /dynamic /force /silent /noisocheck or /n (Only with /create) It must be followed by a parameter indicating the encryption algorithm to use. The default is AES if this switch is not specified.
sha-512,whirlpool, ripemd160, ripemd-160}] [/filesystem {None, FAT, NTFS}] [/dynamic] [/force] [/silent] Note that the order in which options are specified does not matter. Examples Mount the volume d:\myvolume as the first free drive letter, using the password prompt (the main program window will not be displayed): veracrypt /q /v d:\myvolume Dismount a volume mounted as the drive letter X (the main program window will not be displayed): veracrypt /q /d x Mount a volume called myvolume.
Security Model Note to security researchers: If you intend to report a security issue or publish an attack on VeraCrypt, please make sure it does not disregard the security model of VeraCrypt described below. If it does, the attack (or security issue report) will be considered invalid/bogus. VeraCrypt is a computer software program whose primary purposes are to: Secure data by encrypting it before it is written to a disk. Decrypt encrypted data after it is read from the disk.
Secure any computer hardware component or a whole computer. Secure any data on a computer where the security requirements or precautions listed in the chapter Security Requirements and Precautions are not followed. Do anything listed in the section Limitations (chapter Known Issues & Limitations).
Under Mac OS X, a user without administrator privileges can (assuming the default VeraCrypt and operating system configurations): Mount any file-hosted or partition/device-hosted VeraCrypt volume provided that the file/device permissions allow it. Dismount, using VeraCrypt, (and, in the VeraCrypt application window, see the path to and properties of) any VeraCrypt volume mounted by him or her.
Security Requirements and Precautions IMPORTANT: If you want to use VeraCrypt, you must follow the security requirements and security precautions listed in this chapter. The sections in this chapter specify security requirements for using VeraCrypt and give information about things that adversely affect or limit the ability of VeraCrypt to secure data and to provide plausible deniability.
you need to work with sensitive data, boot such a live CD/DVD. If you use hidden volumes, follow the security requirements and precautions listed in the subsection Security Requirements and Precautions Pertaining to Hidden Volumes. If you do no use hidden volumes, ensure that only non-system partition-hosted VeraCrypt volumes and/or read-only filesystems are mounted during the session.
you mount a VeraCrypt volume. To do so in Windows XP or later, right-click the ‘Computer’ (or ‘My Computer’) icon on the desktop or in the Start Menu, and then select Properties -> (on Windows Vista or later: -> Advanced System Settings ->) Advanced tab -> section Startup and Recovery -> Settings -> section Write debugging information -> select (none) -> OK.
Unencrypted Data in RAM It is important to note that VeraCrypt is disk encryption software, which encrypts only disks, not RAM (memory). Keep in mind that most programs do not clear the memory area (buffers) in which they store unencrypted (portions of) files they load from a VeraCrypt volume.
you must not use VeraCrypt on a computer that an attacker has physically accessed. Furthermore, you must ensure that VeraCrypt (including its device driver) is not running when the attacker physically accesses the computer. Additional information pertaining to hardware attacks where the attacker has direct physical access is contained in the section Unencrypted Data in RAM.
at the volume level to users without administrator privileges, regardless of whether it is accessible to them at the file-system level). Moreover, on Windows, the password cache is shared by all logged on users (for more information, please see the section Settings -> Preferences, subsection Cache passwords in driver memory).
When creating a volume, encrypting a system partition/drive, or changing passwords/keyfiles, you must not allow any third party to choose or modify the password/keyfile(s) before/while the volume is created or the password/keyfiles(s) changed.
use the Linux native kernel cryptographic services or make sure VeraCrypt volumes are not located on drives that use the trim operation. To find out whether a device uses the trim operation, please refer to documentation supplied with the device or contact the vendor/manufacturer. Wear-Leveling Some storage devices (e.g., some solid-state drives, including USB flash drives) and some file systems utilize so-called wear-leveling mechanisms to extend the lifetime of the storage device or medium.
have various security implications. For instance, data that is to be encrypted in place may remain unencrypted in the bad sector. Likewise, data to be erased (for example, during the process of creation of a hidden operating system) may remain in the bad sector. Plausible deniability (see section Plausible Deniability) may be adversely affected whenever a sector is reallocated. Additional examples of possible security implications are listed in the section Security Requirements and Precautions.
Volume Clones Never create a new VeraCrypt volume by cloning an existing VeraCrypt volume. Always use the VeraCrypt Volume Creation Wizard to create a new VeraCrypt volume. If you clone a volume and then start using both this volume and its clone in a way that both eventually contain different data, then you might aid cryptanalysis (both volumes will share a single key set). This is especially critical when the volume contains a hidden volume.
How to Back Up Securely Due to hardware or software errors/malfunctions, files stored on a VeraCrypt volume may become corrupted. Therefore, we strongly recommend that you backup all your important files regularly (this, of course, applies to any important data, not just to encrypted data stored on VeraCrypt volumes). Non-System Volumes To back up a non-system VeraCrypt volume securely, it is recommended to follow these steps: 1.
To back up an encrypted system partition securely and safely, it is recommended to follow these steps: 1. If you have multiple operating systems installed on your computer, boot the one that does not require pre-boot authentication. If you do not have multiple operating systems installed on your computer, you can boot a WinPE or BartPE CD/DVD (‘live’ Windows entirely stored on and booted from a CD/DVD; for more information, search the section Frequently Asked Questions for the keyword ‘BartPE’).
regular VeraCrypt volume in the previous step) and store the image directly on the mounted backup volume. IMPORTANT: If you store the backup volume in any location that an adversary can repeatedly access (for example, on a device kept in a bank’s safe deposit box), you should repeat all of the above steps (including the step 2) each time you want to back up the volume (see below).
Miscellaneous Using VeraCrypt Without Administrator Privileges In Windows, a user who does not have administrator privileges can use VeraCrypt, but only after a system administrator installs VeraCrypt on the system. The reason for that is that VeraCrypt needs a device driver to provide transparent on-the-fly encryption/decryption, and users without administrator privileges cannot install/start device drivers in Windows.
Sharing over Network If there is a need to access a single VeraCrypt volume simultaneously from multiple operating systems, there are two options: 1. A VeraCrypt volume is mounted only on a single computer (for example, on a server) and only the content of the mounted VeraCrypt volume (i.e., the file system within the VeraCrypt volume) is shared over a network. Users on other computers or systems will not mount the volume (it is already mounted on the server).
VeraCrypt Background Task When the main VeraCrypt window is closed, the VeraCrypt Background Task takes care of the following tasks/functions: 1. 2. 3. 4. 5. Hot keys Auto-dismount (e.g., upon logoff, inadvertent host device removal, time-out, etc.) Auto-mount of favorite volumes Notifications (e.g., when damage to hidden volume is prevented) Tray icon WARNING: If neither the VeraCrypt Background Task nor VeraCrypt is running, the abovementioned tasks/functions are disabled.
Volume Mounted as Removable Medium This section applies to VeraCrypt volumes mounted when one of the following options is enabled (as applicable): Tools > Preferences > Mount volumes as removable media Mount Options > Mount volume as removable medium Favorites > Organize Favorite Volumes > Mount selected volume as removable medium Favorites > Organize System Favorite Volumes > Mount selected volume as removable medium VeraCrypt Volumes that are mounted as removable media have the following a
VeraCrypt System Files & Application Data Note: %windir% is the main Windows installation path (e.g., C:\WINDOWS) VeraCrypt Driver %windir%\SYSTEM32\DRIVERS\veracrypt.sys Note: This file is not present when VeraCrypt is run in portable mode. VeraCrypt Settings, Application Data, and Other System Files WARNING: Note that VeraCrypt does not encrypt any of the files listed in this section (unless it encrypts the system partition/drive). The following files are saved in the folder %APPDATA%\VeraCrypt\.
The following files are saved in the folder %ALLUSERSPROFILE%\VeraCrypt\: “Original System Loader” (a backup of the original content of the first drive track made before the VeraCrypt Boot Loader was written to it). o Note: This file is absent if the system partition/drive has not been encrypted. The following files are saved in the folder %windir%\system32 (both on 32-bit systems and 64-bit systems): “VeraCrypt System Favorite Volumes.
How to Remove Encryption Please note that VeraCrypt can in-place decrypt only partitions and drives (select System > Permanently Decrypt System Partition/Drive for system partition/drive and select Volumes -> Permanently Decrypt for non-system partition/drive). If you need to remove encryption (e.g., if you no longer need encryption) from a file-hosted volume, please follow these steps: 1. Mount the VeraCrypt volume. 2.
Uninstalling VeraCrypt To uninstall VeraCrypt on Windows XP, select Start menu > Settings > Control Panel > Add or Remove Programs > VeraCrypt > Change/Remove. To uninstall VeraCrypt on Windows Vista or later, select Start menu > Computer > Uninstall or change a program > VeraCrypt > Uninstall. No VeraCrypt volume will be removed when you uninstall VeraCrypt. You will be able to mount your VeraCrypt volume(s) again after you install VeraCrypt or when you run it in portable mode.
Digital Signatures Why Verify Digital Signatures It might happen that a VeraCrypt installation package you download from our server was created or modified by an attacker. For example, the attacker could exploit a vulnerability in the server software we use and alter the installation packages stored on the server, or he/she could alter any of the files en route to you.
1. Download the VeraCrypt self-extracting installation package. 2. In the Windows Explorer, click the downloaded file (‘VeraCrypt Setup.exe’) with the right mouse button and select ‘Properties’ from the context menu. 3. In the Properties dialog window, select the ‘Digital Signatures’ tab. 4. On the ‘Digital Signatures’ tab, in the ‘Signature list’, double click the line saying "IDRIX". 5. The ‘Digital Signature Details’ dialog window should appear now.
Troubleshooting It is recommended that you read also the latest online version of this chapter at: https://veracrypt.codeplex.com/wikipage?title=Troubleshooting This section presents possible solutions to common problems that you may run into when using VeraCrypt. Note: If your problem is not listed here, it might be listed in one of the following sections: Incompatibilities Known Issues & Limitations Frequently Asked Questions Make sure you use the latest stable version of VeraCrypt.
PROBLEM: A VeraCrypt volume cannot be mounted; VeraCrypt reports “Incorrect password or not a VeraCrypt volume”. POSSIBLE CAUSE: The volume header may have been damaged by a third-party application or malfunctioning hardware component. POSSIBLE SOLUTIONS: you can try to restore the volume header from the backup embedded in the volume by following these steps: 1) Run VeraCrypt. 2) Click Select Device or Select File to select your volume. 3) Select Tools > Restore Volume Header.
way to use this tool on a VeraCrypt volume: First, make a backup copy of the VeraCrypt volume (because the ‘chkdsk’ tool might damage the filesystem even more) and then mount it. Right-click the mounted volume in the main VeraCrypt window (in the drive list) and from the context menu select ‘Repair Filesystem’. PROBLEM: When trying to create a hidden volume, its maximum possible size is unexpectedly small (there is much more free space than this on the outer volume). PROBABLE CAUSES: 1.
If it does not help, reformat the outer volume again and copy less files/folders to its root folder than you did last time. If it does not help, keep reformatting and decreasing the number of files/folders in the root folder. If this is unacceptable or if it does not help, reformat the outer volume and select a larger cluster size. If it does not help, keep reformatting and increasing the cluster size, until the problem is solved. Alternatively, try creating a hidden volume within an NTFS volume.
and restart your computer. For more information, please refer to the documentation for your BIOS/motherboard or contact your computer vendor’s technical support team for assistance. PROBLEM: After the system partition/drive is encrypted, the computer cannot boot after it is restarted (it is also impossible to enter the BIOS configuration screen). PROBABLE CAUSE: A bug in the BIOS of your computer. POSSIBLE SOLUTIONS: Follow these steps: 1. Disconnect the encrypted drive. 2.
POSSIBLE SOLUTIONS: Upgrade your BIOS (for information on how to do so, please refer to the documentation for your BIOS/motherboard or contact your computer vendor’s technical support team for assistance). Use a different motherboard model/brand.
PROBLEM: When trying to encrypt the system partition/drive, during the pretest, the VeraCrypt Boot Loader always reports that the pre-boot authentication password I entered is incorrect (even though I'm sure it is correct). POSSIBLE CAUSES: Different state of the Num Lock and/or Caps Lock key Data corruption POSSIBLE SOLUTION: 1.
1. Mount the VeraCrypt volume to which you want to back up data. 2. Right-click a folder located on the volume (or right-click its drive letter in the ‘Computer’ list) and select an item from the ‘Share with’ submenu (on Windows Vista, select ‘Share’). 3. Follow the instructions to share the folder with your user account. 4. In the Windows Backup tool, select the shared folder (the network location/path) as the destination. 5. Start the backup process.
PROBLEM: When accessing a file-hosted container shared over a network, “insufficient memory” or "not enough server storage is available" error is reported. PROBABLE CAUSE: IRPStackSize in the Windows registry may have been set to a too small value. POSSIBLE SOLUTION: Locate the IRPStackSize key in the Windows registry and set it to a higher value. Then restart the system.
Incompatibilities It is recommended that you read also the latest online version of this chapter at: https://veracrypt.codeplex.com/wikipage?title=Incompatibilities Activation of Adobe Photoshop® and Other Products Using FLEXnet Publisher® / SafeCast Note: The issue described below does not affect you if you use a non-cascade encryption algorithm (i.e., AES, Serpent, or Twofish).* The issue also does not affect you if you do not use pre-boot authentication (see the chapter System Encryption).
Known Issues & Limitations It is strongly recommended that you read also the latest online version of this chapter at: https://veracrypt.codeplex.com/wikipage?title=Issues%20and%20Limitations Known Issues (There were no confirmed issues when this document was created.) Limitations [Note: This limitation does not apply to users of Windows Vista and later versions of Windows.] On Windows XP/2003, VeraCrypt does not support encrypting an entire system drive that contains extended (logical) partitions.
services under Windows 2000, e.g., assign a mount point to a VeraCrypt volume (i.e., attach a VeraCrypt volume to a folder). VeraCrypt does not support pre-boot authentication for operating systems installed within VHD files, except when booted using appropriate virtual-machine software such as Microsoft Virtual PC. The Windows Volume Shadow Copy Service is currently supported only for partitions within the key scope of system encryption (e.g.
attributes, or the operating system failing to perform it for various documented and undocumented reasons). Note: When you write to a file-hosted hidden volume, the timestamp of the container may change. This can be plausibly explained as having been caused by changing the (outer) volume password. Also note that VeraCrypt never preserves timestamps of system favorite volumes (regardless of the settings). Special software (e.g.
Frequently Asked Questions Note: The latest version of the VeraCrypt FAQ is available at https://veracrypt.codeplex.com/wikipage?title=FAQ. Can TrueCrypt and VeraCrypt be running on the same machine? Yes. There are no conflicts between TrueCrypt and VeraCrypt, thus they can be installed and used on the same machine. Can I use my TrueCrypt volumes in VeraCrypt? Yes. Starting from version 1.0f, VeraCrypt supports mounting TrueCrypt volumes. Can I convert my TrueCrypt volumes to VeraCrypt format? Yes.
Is there a "Quick Start Guide" or some tutorial for beginners? Yes. The first chapter, Beginner’s Tutorial, contains screenshots and step-by-step instructions on how to create, mount, and use a VeraCrypt volume. Can I encrypt a partition/drive where Windows is installed? Yes (see the chapter System Encryption). The system encryption Pre Test fails because the bootloader hangs with the messaging "booting" after successfully verifying the password.
Will VeraCrypt be open-source and free forever? Yes, it will. We will never create a commercial version of VeraCrypt, as we believe in open-source and free security software. Is it possible to donate to the VeraCrypt project? Yes, you can use the donation buttons at https://veracrypt.codeplex.com.
Does VeraCrypt also encrypt file names and folder names? Yes. The entire file system within a VeraCrypt volume is encrypted (including file names, folder names, and contents of every file). This applies to both types of VeraCrypt volumes – i.e., to file containers (virtual VeraCrypt disks) and to VeraCrypt-encrypted partitions/devices. Does VeraCrypt use parallelization? Yes. Increase in encryption/decryption speed is directly proportional to the number of cores/processors your computer has.
What is plausible deniability? See the chapter Plausible Deniability. Will I be able to mount my VeraCrypt partition/container after I reinstall or upgrade the operating system? Yes, VeraCrypt volumes are independent of the operating system. However, you need to make sure your operating system installer does not format the partition where your VeraCrypt volume resides.
I use pre-boot authentication. Can I configure the VeraCrypt Boot Loader to display only a fake error message? Yes. To do so, boot the encrypted system, start VeraCrypt, select Settings > System Encryption, enable the option ‘Do not show any texts in the pre-boot authentication screen’ and enter the fake error message in the corresponding field (for example, the "Missing operating system" message, which is normally displayed by the Windows boot loader if it finds no Windows boot partition).
Can a volume be automatically mounted whenever its host device gets connected to the computer? Yes. For example, if you have a VeraCrypt container on a USB flash drive and you want VeraCrypt to mount it automatically when you insert the USB flash drive into the USB port, follow these steps: 1. Mount the volume (to the drive letter to which you want it to be mounted every time). 2. Right-click the mounted volume in the drive list in the main VeraCrypt window and select ‘Add to Favorites’. 3.
4. Run the downloaded file, and select Extract (instead of Install) on the second page of the VeraCrypt Setup wizard. Extract the contents to the RAM disk. 5. Run the file VeraCrypt.exe from the RAM disk. Note: You may also want to consider creating a hidden operating system (see the section Hidden Operating System). See also the chapter Plausible Deniability. Can I encrypt my system partition/drive if I don’t have a US keyboard? Yes, VeraCrypt supports all keyboard layouts.
Can I run VeraCrypt if I don’t install it? Yes, see the chapter Portable Mode. Some encryption programs use TPM to prevent attacks. Will VeraCrypt use it too? No. Those programs use TPM to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer, and the attacker needs you to use the computer after such an access.
Which type of VeraCrypt volume is better – partition or file container? File containers are normal files so you can work with them as with any normal files (file containers can be, for example, moved, renamed, and deleted the same way as normal files). Partitions/drives may be better as regards performance. Note that reading and writing to/from a file container may take significantly longer when the container is heavily fragmented.
When I use HMAC-RIPEMD-160, is the size of the header encryption key only 160 bits? No, VeraCrypt never uses an output of a hash function (nor of a HMAC algorithm) directly as an encryption key. See the section ‘Header Key Derivation, Salt, and Iteration Count‘ for more information. How do I burn a VeraCrypt container larger than 2 GB onto a DVD? The DVD burning software you use should allow you to select the format of the DVD.
We use VeraCrypt in a corporate/enterprise environment. Is there a way for an administrator to reset a volume password or pre-boot authentication password when a user forgets it (or loses a keyfile)? Yes. Note that there is no “backdoor” implemented in VeraCrypt. However, there is a way to “reset” volume passwords/keyfiles and pre-boot authentication passwords. After you create a volume, back up its header to a file (select Tools -> Backup Volume Header) before you allow a non-admin user to use the volume.
1. Right-click the ‘Computer’ (or ‘My Computer’) icon on your desktop or in the Start Menu and select Manage. The ‘Computer Management’ window should appear. 2. From the list on the left, select ‘Disk Management’ (within the Storage sub-tree). 3. Right-click the encrypted partition/device and select ‘Change Drive Letter and Paths’. 4. Click Remove. 5. If Windows prompts you to confirm the action, click Yes. When I plug in my encrypted USB flash drive, Windows asks me if I want to format it.
and independent from each other). Since VeraCrypt always uses 256-bit random and independent keys, we are assured of a 128-bit security level against quantum algorithms which makes VeraCrypt encryption immune to such attacks. How to make a VeraCrypt volume available for Windows Search indexing? In order to be able to index a VeraCrypt volume through Windows Search, the volume must be mounted at boot time (System Favorite) or the Windows Search services must be restart after the volume is mounted.
Technical Details Notation C Ciphertext block DK() Decryption algorithm using encryption/decryption key K EK() Encryption algorithm using encryption/decryption key K H() Hash function i Block index for n-bit blocks; n is context-dependent K Cryptographic key P Plaintext block ^ Bitwise exclusive-OR operation (XOR) Modulo 2n addition, where n is the bit size of the left-most operand and of the resultant value (e.g.
Encryption Scheme When mounting a VeraCrypt volume (assume there are no cached passwords/keyfiles) or when performing pre-boot authentication, the following steps are performed: 1. The first 512 bytes of the volume (i.e., the standard volume header) are read into RAM, out of which the first 64 bytes are the salt (see VeraCrypt Volume Format Specification).
4. Decryption is considered successful if the first 4 bytes of the decrypted data contain the ASCII string “VERA”, and if the CRC-32 checksum of the last 256 bytes of the decrypted data (volume header) matches the value located at byte #8 of the decrypted data (this value is unknown to an adversary because it is encrypted – see the section VeraCrypt Volume Format Specification).
Modes of Operation The mode of operation used by VeraCrypt for encrypted partitions, drives, and virtual volumes is XTS. XTS mode is in fact XEX mode [12], which was designed by Phillip Rogaway in 2003, with a minor modification (XEX mode uses a single key for two different purposes, whereas XTS mode uses two independent keys). In 2010, XTS mode was approved by NIST for protecting the confidentiality of data on storage devices [24].
Header Key Derivation, Salt, and Iteration Count Header key is used to encrypt and decrypt the encrypted area of the VeraCrypt volume header (for system encryption, of the key data area), which contains the master key and other data (see the sections Encryption Scheme and VeraCrypt Volume Format Specification). In volumes created by VeraCrypt (and for system encryption), the area is encrypted in XTS mode (see the section Modes of Operation).
Random Number Generator The VeraCrypt random number generator (RNG) is used to generate the master encryption key, the secondary key (XTS mode), salt, and keyfiles. It creates a pool of random values in RAM (memory).
Generated Values The content of the RNG pool is never directly exported (even when VeraCrypt instructs the RNG to generate and export a value). Thus, even if the attacker obtains a value generated by the RNG, it is infeasible for him to determine or predict (using the obtained value) any other values generated by the RNG during the session (it is infeasible to determine the content of the pool from a value generated by the RNG).
Keyfiles VeraCrypt keyfile is a file whose content is combined with a password. The user can use any kind of file as a VeraCrypt keyfile. The user can also generate a keyfile using the built-in keyfile generator, which utilizes the VeraCrypt RNG to generate a file with random content (for more information, see the section Random Number Generator).
9. The password P (after the keyfile pool content has been applied to it) is now passed to the header key derivation function PBKDF2 (PKCS #5 v2), which processes it (along with salt and other data) using a cryptographically secure hash algorithm selected by the user (e.g., SHA-512). See the section Header Key Derivation, Salt, and Iteration Count for more information. The role of the hash function H is merely to perform diffusion [2]. CRC-32 is used as the hash function H.
PIM PIM stands for "Personal Iterations Multiplier". It is a parameter that was introduced in VeraCrypt 1.12 and whose value controls the number of iterations used by the header key derivation function. This value can be specified through the password dialog or in the command line. If no PIM value is specified, VeraCrypt will use the default number of iterations used in versions prior to 1.12 (see Header Key Derivation).
The screenshots below show the step to mount a volume using a PIM equal to 231: Changing/clearing the PIM The PIM of a volume or for system encryption can be changed or cleared using the change password functionality. The screenshots below shows an example of changing the PIM from the empty default value to a value equal to 3 (this is possible since the password has more than 20 characters): In order to do so, the user must first tick "Use PIM" checkbox in the "New" section to reveal the PIM field.
Normal volume case 147
System encryption case 148
VeraCrypt Volume Format Specification Offset (bytes) Size (bytes) Encryption Status* Unencrypted‡ Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Description 0 64 68 70 72 76 92 100 108 116 124 64 4 2 2 4 16 8 8 8 8 4 Salt ASCII string “VERA” Volume header format version (2) Minimum program version required to open the volume CRC-32 checksum of the (decrypted) bytes 256–511 Reserved (must contain zeroes) Size of hidden volume (set to zero in non-hidd
Note that this specification applies to volumes created by VeraCrypt 1.0b or later. The format of file- hosted volumes is identical to the format of partition/device-hosted volumes (however, the "volume header", or key data, for a system partition/drive is stored in the last 512 bytes of the first logical drive track). VeraCrypt volumes have no "signature" or ID strings. Until decrypted, they appear to consist solely of random data.
Compliance with Standards and Specifications To our best knowledge, VeraCrypt complies with the following standards, specifications, and recommendations: ISO/IEC 10118-3:2004 [21] FIPS 197 [3] FIPS 198 [22] FIPS 180-2 [14] FIPS 140-2 (XTS-AES, SHA-256, SHA-512, HMAC) [25] NIST SP 800-38E [24] PKCS #5 v2.0 [7] PKCS #11 v2.
Future Development For the list of features that are planned for a future release, please refer to: https://veracrypt.codeplex.com/wikipage?title=Future%20Development Contact Information on how to contact us can be found at: https://veracrypt.codeplex.com/wikipage?title=Contact Legal Information License The text of the license under which VeraCrypt is distributed is contained in the file License.
Version History 1.16 (October 7th, 2015) Windows: o Modify patch for CVE-2015-7358 vulnerability to solve side effects on Windows mount manager while still making it very hard to abuse drive letter handling. o Fix failure to restore volume header from an external file in some configurations. o Add option to disable “Evil Maid” attack detection for those encountering false positive cases (e.g. FLEXnet/Adobe issue).
o o o o On Windows 64-bit, 32-bit exe files are now available(e.g. if needed to use 32-bit PKCS#11 dll) Include Volume Expander in Traveler Disk Setup. Don't offer creating a restore point if it is disabled in Windows. Add possibility to verify a Rescue Disk ISO image file. Minors fixes in the installer, GUI and driver. 1.13 (August 9th, 2015) Windows: o Solve TOR crashing when run from a VeraCrypt volume. 1.
o o o o Fix warnings on about/LegalNotice dialogs when wxWidgets linked dynamically (N/A for official binary) Support hash names with '-' in command line (sha-256, sha-512 and ripemd160) Remove "--current-hash" switch and add "--new-hash" to be more coherent with existing switches. When only keyfile specified in command line, don't try to mount using empty password.
Acknowledgements We would like to thank the following people: The TrueCrypt Developers team who have done an amazing job over the course of 10 years. Without their hard work, VeraCrypt would not exist today. Paul Le Roux for making his E4M source code available. VeraCrypt 1.0 was derived from E4M and some parts of the E4M source code are still incorporated in the latest version of the VeraCrypt source code. Brian Gladman, who wrote the excellent AES, Twofish, and SHA-512 routines.
References [1] U.S. Committee on National Security Systems (CNSS), National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information, CNSS Policy No. 15, Fact Sheet No. 1, June 2003, available at http://csrc.nist.gov/groups/STM/cmvp/documents/CNSS15FS.pdf. [2] C. E. Shannon, Communication Theory of Secrecy Systems, Bell System Technical Journal, v. 28, n.
[12] P. Rogaway, Efficient Instantiations of Tweakable Blockciphers and Refinements to Modes OCB and PMAC, Asiacrypt 2004. LNCS vol. 3329. Springer, 2004. Also available at: http://www.cs.ucdavis.edu/~rogaway/papers/offsets.pdf. [13] J. Kelsey, Twofish Technical Report #7: Key Separation in Twofish, AES Round 2 public comment, April 7, 2000 [14] NIST, Secure Hash Standard, FIPS 180-2, August 1, 2002, available at http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf. [15] U. Maurer, J.