VeraCrypt

From Glitchdata

VeraCrypt is an open-source utility used for on-the-fly encryption (OTFE).[1] It can create a virtual encrypted disk within a file or encrypt a partition[2] or (in Windows) the entire storage device with pre-boot authentication.[3]

VeraCrypt is a fork of the discontinued TrueCrypt project.[4] It was initially released on June 22, 2013 and has produced its fourteenth release (version 1.19) as of October 17, 2016.[5] Many security improvements have been implemented and issues raised by TrueCrypt code audits have been fixed (see below).

License and source model

VeraCrypt has been licensed under the Apache License 2.0 since 28 June 2015.[6] Prior to that, it was released under the Microsoft Public License.[7] VeraCrypt inherited a substantial amount of code from its TrueCrypt predecessor and thus is also subject to the terms of version 3.0 of the "TrueCrypt License", which is unique to the TrueCrypt software.[8][9] The TrueCrypt License is not one of the many widely used open-source licenses and is not a free software license according to the Free Software Foundation (FSF) license list, as it contains distribution and copyright-liability restrictions.[10]

Encryption scheme

Algorithms

Individual ciphers supported by VeraCrypt are AES, Serpent, Twofish, Camellia, and Kuznyechik. The Magma cipher was removed in version 1.19 in response to a security audit.[11] Additionally, five different combinations of cascaded algorithms are available: AES-Twofish, AES-Twofish-Serpent, Serpent-AES, Serpent-Twofish-AES and Twofish-Serpent.[12] The cryptographic hash functions available for use in VeraCrypt are RIPEMD-160, SHA-256, SHA-512, Streebog and Whirlpool.[13]

Modes of operation

VeraCrypt uses the XTS mode of operation.[14]

Keys

The header key and the secondary header key (XTS mode) are generated using PBKDF2 with a 512-bit salt and 327,661 to 655,331 iterations, depending on the underlying hash function used.[15]

Plausible deniability

As with its predecessor TrueCrypt, VeraCrypt supports plausible deniability[16] by allowing a single "hidden volume" to be created within another volume.[17] In addition, the Windows versions of VeraCrypt have the ability to create and run a hidden encrypted operating system whose existence may be denied.[18]

The VeraCrypt documentation lists many ways in which VeraCrypt's hidden volume deniability features may be compromised (e.g. by third-party software which may leak information through temporary files, thumbnails, etc., to unencrypted disks) and possible ways to avoid this.[19]

Performance

VeraCrypt supports parallelized[20] encryption for multi-core systems and, under Microsoft Windows, pipelined read and write operations (a form of asynchronous processing)[20] to reduce the performance hit of encryption and decryption. On newer processors supporting the AES-NI instruction set, VeraCrypt supports hardware-accelerated AES to further improve performance.[20]

Security improvements

The VeraCrypt development team considered the TrueCrypt storage format too vulnerable to a National Security Agency (NSA) attack, so it created a new format incompatible with that of TrueCrypt. This is one of the main differences between VeraCrypt and its competitor CipherShed, which continues to use the TrueCrypt format. VeraCrypt is still capable of opening and converting volumes in the TrueCrypt format.[21][22]

While TrueCrypt uses 1000 iterations of the PBKDF2-RIPEMD160 algorithm for system partitions, VeraCrypt uses 327,661 iterations. For standard containers and other partitions, VeraCrypt uses 655,331 iterations of RIPEMD160 and 500,000 iterations of SHA-2 and Whirlpool. While this makes VeraCrypt slower at opening encrypted partitions, it also makes password guessing attacks slower.[4] Additionally, version 1.12 added a new feature called PIM ("Personal Iterations Multiplier"), a parameter that controls the number of iterations used by the header key derivation function, thereby potentially making brute-force attacks even more difficult, at the expense of making the process of opening encrypted archives even slower.[23][24][25][26]
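An added example (not code from the VeraCrypt project or from the original page) for the header key derivation described under "Keys" and in the paragraph above: it derives XTS header keys with PBKDF2-HMAC-SHA512 over a 512-bit salt and scales a measured per-iteration cost to a password-guessing run at the iteration counts quoted here. Assumptions: a 64-byte output (one 256-bit cipher, primary plus secondary key), the non-system rule iterations = 15000 + PIM × 1000 taken from VeraCrypt's PIM documentation rather than this page, SHA-512 used for every row so that only the iteration count differs, and constructed function names and sample values.

```python
import hashlib
import os
import time

SALT_BYTES = 64   # 512-bit salt, as stated on the page
KEY_BYTES = 64    # assumption: one 256-bit cipher in XTS (primary + secondary key)
TRUECRYPT_ITERATIONS = 1000        # count quoted above for TrueCrypt
VERACRYPT_ITERATIONS = 500_000     # count quoted above for SHA-2 / Whirlpool


def iterations_for_pim(pim):
    """Non-system rule from VeraCrypt's PIM documentation (not stated on this page)."""
    if pim < 1:
        raise ValueError("PIM must be a positive integer")
    return 15000 + pim * 1000


def derive_header_keys(password, salt, iterations):
    """Return (primary, secondary) header keys from PBKDF2-HMAC-SHA512."""
    if len(salt) != SALT_BYTES:
        raise ValueError("salt must be 512 bits")
    material = hashlib.pbkdf2_hmac("sha512", password, salt, iterations, KEY_BYTES)
    half = KEY_BYTES // 2
    return material[:half], material[half:]


def seconds_per_iteration(iterations=VERACRYPT_ITERATIONS):
    """Measure one derivation on this machine and normalise per iteration."""
    salt = os.urandom(SALT_BYTES)
    start = time.perf_counter()
    derive_header_keys(b"constructed sample passphrase", salt, iterations)
    return (time.perf_counter() - start) / iterations


def exhaust_seconds(candidates, iterations, per_iteration):
    """Single-core time to try every candidate password once."""
    return candidates * iterations * per_iteration


if __name__ == "__main__":
    cost = seconds_per_iteration()
    wordlist = 1_000_000  # constructed dictionary size
    rows = [("TrueCrypt, 1000", TRUECRYPT_ITERATIONS),
            ("VeraCrypt default", VERACRYPT_ITERATIONS),
            ("VeraCrypt PIM=1000", iterations_for_pim(1000))]
    for label, n in rows:
        hours = exhaust_seconds(wordlist, n, cost) / 3600
        print(f"{label:20s} {n:>9,d} iterations  {hours:10.1f} h per 1M guesses")
```

Because the salt is random per volume, this work cannot be precomputed and has to be repeated for every volume whose password is being guessed.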

A vulnerability in the bootloader was fixed on Windows and various optimizations were made as well. The developers added support for SHA-256 to the system boot encryption option and also fixed a ShellExecute security issue. Linux and macOS users benefit from support for hard drives with sector sizes larger than 512. Linux also received support for the NTFS formatting of volumes.

VeraCrypt added the capability to encrypt GPT System Partitions and boot them using UEFI in version 1.18a.[21]

An independent security audit of TrueCrypt released 29 September 2015 found TrueCrypt includes two vulnerabilities in the Windows installation driver allowing an attacker arbitrary code execution and privilege escalation via DLL hijacking.[27] This was fixed in VeraCrypt in January 2016.[28]

VeraCrypt audit

An audit of VeraCrypt 1.18 was conducted by QuarksLab on behalf of the Open Source Technology Improvement Fund. It took 32 man-days and was published on 17 October 2016.[29][30] The major vulnerabilities identified in this audit were resolved in VeraCrypt 1.19, released the same day.[31][32]

Security precautions

There are several kinds of attacks that all software-based disk encryption is vulnerable to. As with TrueCrypt, the VeraCrypt documentation instructs users to follow various security precautions to mitigate these attacks,[19][33] several of which are detailed below.

Encryption keys stored in memory

VeraCrypt stores its keys in RAM; on an ordinary personal computer the DRAM will maintain its contents for several seconds after power is cut (or longer if the temperature is lowered). Even if there is some degradation in the memory contents, various algorithms can intelligently recover the keys. This method, known as a cold boot attack (which would apply in particular to a notebook computer obtained while in power-on, suspended, or screen-locked mode), has been successfully used to attack a file system protected by TrueCrypt.[34]

Physical security

VeraCrypt documentation states that VeraCrypt is unable to secure data on a computer if an attacker physically accessed it and VeraCrypt is then used on the compromised computer by the user again. This does not affect the common case of a stolen, lost, or confiscated computer.[35] An attacker with physical access to a computer can, for example, install a hardware or software keylogger, a bus-mastering device that captures memory, or any other malicious hardware or software, allowing the attacker to capture unencrypted data (including encryption keys and passwords) or to decrypt encrypted data using captured passwords or encryption keys. Therefore, physical security is a basic premise of a secure system. Attacks such as this are often called "evil maid attacks".[36]

Malware

VeraCrypt documentation states that VeraCrypt cannot secure data on a computer if it has any kind of malware installed. Some kinds of malware are designed to log keystrokes, including typed passwords, that may then be sent to the attacker over the Internet or saved to an unencrypted local drive from which the attacker might be able to read it later, when they gain physical access to the computer.[37]

Trusted Platform Module

The FAQ section of the VeraCrypt website[38] states that the Trusted Platform Module (TPM) cannot be relied upon for security: if an attacker has physical or administrative access to the computer and it is used afterwards, the attacker could have modified the computer, for example by installing a malicious component such as a hardware keystroke logger to capture the password or other sensitive information. Since the TPM does not prevent an attacker from maliciously modifying the computer, VeraCrypt will not support TPM.

Planned features

Unicode passwords are currently supported on Windows for all non-system encryption; future plans include providing Unicode capability throughout VeraCrypt.[39]

References

  1. "VeraCrypt Official Site"
  2. "VeraCrypt Volume". VeraCrypt Official Website. https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Volume. Retrieved February 16, 2015.
  3. "Operating Systems Supported for System Encryption". VeraCrypt Official Website. https://veracrypt.codeplex.com/wikipage?title=Supported%20Systems%20for%20System%20Encryption. Retrieved February 16, 2015.
  4. Rubens, Paul (October 13, 2014). "VeraCrypt a Worthy TrueCrypt Alternative". eSecurity Planet. Quinstreet Enterprise. http://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html. Retrieved February 16, 2015.
  5. "VeraCrypt Downloads"
  6. "Apache License 2.0 (Apache)". https://veracrypt.codeplex.com/license. Retrieved 2015-07-01.
  7. "Microsoft Public License (Ms-PL)". https://veracrypt.codeplex.com/license?LicenseHistoryId=120858. Retrieved 2015-07-01.
  8. TrueCrypt License. Accessed on: May 21, 2012
  9. TrueCrypt Collective License. Accessed on: June 4, 2014
  10. Template:Citation
  11. http://www.theregister.co.uk/2016/10/18/veracrypt_audit/
  12. "Encryption Algorithms". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Encryption%20Algorithms. Retrieved 2015-01-04.
  13. "Hash Algorithms". VeraCrypt Documentation. IDRIX. https://veracrypt.codeplex.com/wikipage?title=Hash%20Algorithms. Retrieved 2015-01-04.
  14. "Modes of Operation". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Modes%20of%20Operation. Retrieved 2015-01-04.
  15. "Header Key Derivation, Salt, and Iteration Count". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Header%20Key%20Derivation. Retrieved 2015-01-04.
  16. "Plausible Deniability". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Plausible%20Deniability. Retrieved 2015-01-04.
  17. "Hidden Volume". VeraCrypt Documentation. IDRIX. https://veracrypt.codeplex.com/wikipage?title=Hidden%20Volume. Retrieved 2015-01-04.
  18. "Hidden Operating System". VeraCrypt Documentation. IDRIX. 2014-01-04. https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Hidden%20Operating%20System. Retrieved 2015-01-04.
  19. "Security Requirements and Precautions Pertaining to Hidden Volumes". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Security%20Requirements%20for%20Hidden%20Volumes. Retrieved 2015-01-04.
  20. "VeraCrypt User Guide". IDRIX. 2015-01-04. https://veracrypt.codeplex.com/documentation.
  21. "VeraCrypt Release Notes"
  22. Castle, Alex (March, 2015). "Where Are We At With TrueCrypt?". MaximumPC, p. 59.
  23. "Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security". http://thehackernews.com/2015/08/veracrypt-encryption-software.html#. Retrieved 5 June 2017.
  24. "TrueCrypt alternative VeraCrypt 1.12 ships with interesting PIM feature". https://www.ghacks.net/2015/08/07/truecrypt-alternative-veracrypt-1-12-ships-with-interesting-pim-feature/. Retrieved 5 June 2017.
  25. "Transcript of Episode #582". https://www.grc.com/sn/sn-582.htm. Retrieved 5 June 2017.
  26. "PIM". https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20(PIM).html. Retrieved 7 June 2017.
  27. http://www.pcworld.com/article/2987439/encryption/newly-found-truecrypt-flaw-allows-full-system-compromise.html
  28. CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege
  29. OSTIF (October 17, 2016). "VeraCrypt Audit". https://ostif.org/the-veracrypt-audit-results/. Retrieved October 18, 2016.
  30. QuarksLab (October 17, 2016). "VeraCrypt Audit Results". http://blog.quarkslab.com/resources/2016-10-17-audit-veracrypt/16-08-215-REP-VeraCrypt-sec-assessment.pdf. Retrieved October 18, 2016.
  31. QuarksLab (October 17, 2016). "VeraCrypt Audit Outcome". http://blog.quarkslab.com/security-assessment-of-veracrypt-fixes-and-evolutions-from-truecrypt.html. Retrieved October 18, 2016.
  32. VeraCrypt (October 17, 2016). "VeraCrypt 1.19 Release Notes". https://veracrypt.codeplex.com/wikipage?title=Release%20Notes. Retrieved October 18, 2016.
  33. "Security Requirements and Precautions". VeraCrypt Documentation. IDRIX. https://veracrypt.codeplex.com/wikipage?title=Security%20Requirements%20and%20Precautions. Retrieved February 16, 2015.
  34. Alex Halderman. "Lest We Remember: Cold Boot Attacks on Encryption Keys". http://www.usenix.org/event/sec08/tech/full_papers/halderman/halderman_html/.
  35. "Physical Security". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Physical%20Security. Retrieved 2015-01-04.
  36. Schneier, Bruce (2009-10-23). ""Evil Maid" Attacks on Encrypted Hard Drives". Schneier on Security. https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html. Retrieved 2014-05-24.
  37. "Malware". VeraCrypt Documentation. IDRIX. 2015-01-04. https://veracrypt.codeplex.com/wikipage?title=Malware. Retrieved 2015-01-04.
  38. "FAQ". https://veracrypt.codeplex.com/wikipage?title=FAQ. Retrieved 2015-01-04.
  39. "Issues - UniCode 8.0 basis for VeraCrypt". https://veracrypt.codeplex.com/workitem/62. Retrieved 2015-05-15.