VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2024-11-09 11:32:36 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2024-11-09 11:32:36 +0100
commitd1d68f6f43a251de41f45e3022c8840a33eed350 (patch)
treee5101fbeac2aab276ea32db59a5b2da9c826508a
parente5a0bf22b17d7d6c92d7793bed5d63d0e9e72e4c (diff)
downloadVeraCrypt-d1d68f6f43a251de41f45e3022c8840a33eed350.tar.gz
VeraCrypt-d1d68f6f43a251de41f45e3022c8840a33eed350.zip
Windows: define a new formula for Argon2 parameters derivation from PIM valueArgon2_1.26.13
-rw-r--r--src/Common/Pkcs5.c87
1 files changed, 76 insertions, 11 deletions
diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c
index 3f237a66..25c65886 100644
--- a/src/Common/Pkcs5.c
+++ b/src/Common/Pkcs5.c
@@ -1364,21 +1364,86 @@ void derive_key_argon2(char *pwd, int pwd_len, char *salt, int salt_len, uint32
memset(dk, 0, dklen);
}
+/**
+ * get_argon2_params
+ *
+ * This function calculates the memory cost (in KiB) and time cost (iterations) for
+ * the Argon2id key derivation function based on the Personal Iteration Multiplier (PIM) value.
+ *
+ * Parameters:
+ * - pim: The Personal Iteration Multiplier (PIM), which controls the memory and time costs.
+ * If pim < 0, it is clamped to 0.
+ * If pim == 0, the default value of 12 is used.
+ * - pIterations: Pointer to an integer where the calculated time cost (iterations) will be stored.
+ * - pMemcost: Pointer to an integer where the calculated memory cost (in KiB) will be stored.
+ *
+ * Formulas:
+ * - Memory Cost (m_cost) in MiB:
+ * m_cost(pim) = min(64 MiB + (pim - 1) * 32 MiB, 1024 MiB)
+ * This formula increases the memory cost by 32 MiB for each increment of PIM, starting from 64 MiB.
+ * The memory cost is capped at 1024 MiB when PIM reaches 31 or higher.
+ * The result is converted to KiB before being stored in *pMemcost:
+ * *pMemcost = m_cost(pim) * 1024
+ *
+ * - Time Cost (t_cost) in iterations:
+ * If PIM <= 31:
+ * t_cost(pim) = 3 + floor((pim - 1) / 3)
+ * If PIM > 31:
+ * t_cost(pim) = 13 + (pim - 31)
+ * This formula increases the time cost by 1 iteration for every 3 increments of PIM when PIM <= 31.
+ * For PIM > 31, the time cost increases by 1 iteration for each increment in PIM.
+ * The calculated time cost is stored in *pIterations.
+ *
+ * Example:
+ * - For PIM = 12:
+ * Memory Cost = 64 + (12 - 1) * 32 = 416 MiB (425,984 KiB)
+ * Time Cost = 3 + floor((12 - 1) / 3) = 6 iterations
+ *
+ * - For PIM = 31:
+ * Memory Cost = 64 + (31 - 1) * 32 = 1024 MiB (capped)
+ * Time Cost = 3 + floor((31 - 1) / 3) = 13 iterations
+ *
+ * - For PIM = 32:
+ * Memory Cost = 1024 MiB (capped)
+ * Time Cost = 13 + (32 - 31) = 14 iterations
+ *
+ */
void get_argon2_params(int pim, int* pIterations, int* pMemcost)
{
- int memcost = 16 * 1024 + pim * 512;
- int iterations;
-
- if (memcost <= 64 * 1024) {
- // For memory costs up to 64 MB
- iterations = 100 - (pim * 85) / 96;
- } else {
- // For memory costs above 64 MB
- iterations = 15 - ((pim - 96) * 10) / 192;
+ // Ensure PIM is at least 0
+ if (pim < 0)
+ {
+ pim = 0;
+ }
+
+ // Default PIM value is 12
+ // which leads to 416 MiB memory cost and 6 iterations
+ if (pim == 0)
+ {
+ pim = 12;
}
- *pIterations = iterations;
- *pMemcost = memcost;
+ // Compute the memory cost (m_cost) in MiB
+ int m_cost_mib = 64 + (pim - 1) * 32;
+
+ // Cap the memory cost at 1024 MiB
+ if (m_cost_mib > 1024)
+ {
+ m_cost_mib = 1024;
+ }
+
+ // Convert memory cost to KiB for Argon2
+ *pMemcost = m_cost_mib * 1024; // m_cost in KiB
+
+ // Compute the time cost (t_cost)
+ if (pim <= 31)
+ {
+ *pIterations = 3 + ((pim - 1) / 3);
+ }
+ else
+ {
+ *pIterations = 13 + (pim - 31);
+ }
}
#endif //!TC_WINDOWS_BOOT