VeraCrypt
aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2022-03-27 16:33:40 +0200
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2022-03-27 16:34:42 +0200
commita077eb94ef66dfdec545d176a34dc1e0e47e5da2 (patch)
tree2c3853ca79fff654f12f7d40ec1758c7a000b5f3
parent540fb52acac15be194b5d6849ecf7e9ce5143096 (diff)
downloadVeraCrypt-a077eb94ef66dfdec545d176a34dc1e0e47e5da2.tar.gz
VeraCrypt-a077eb94ef66dfdec545d176a34dc1e0e47e5da2.zip
Documentation: clearer description of how number of iterations are calculated
-rw-r--r--doc/chm/VeraCrypt User Guide.chmbin1921257 -> 1921112 bytes
-rw-r--r--doc/html/Header Key Derivation.html6
-rw-r--r--doc/html/Personal Iterations Multiplier (PIM).html4
3 files changed, 7 insertions, 3 deletions
diff --git a/doc/chm/VeraCrypt User Guide.chm b/doc/chm/VeraCrypt User Guide.chm
index 8d2384aa..8cbd6905 100644
--- a/doc/chm/VeraCrypt User Guide.chm
+++ b/doc/chm/VeraCrypt User Guide.chm
Binary files differ
diff --git a/doc/html/Header Key Derivation.html b/doc/html/Header Key Derivation.html
index d8896904..f922d676 100644
--- a/doc/html/Header Key Derivation.html
+++ b/doc/html/Header Key Derivation.html
@@ -65,14 +65,16 @@ PIM </a>field (<a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html">Per
PIM </a>value is not specified or if it is equal to zero, VeraCrypt uses the default values expressed below:<br/>
<ul>
<li>For system partition encryption (boot encryption) that uses SHA-256, BLAKE2s-256 or Streebog, <strong>200000</strong> iterations are used.</li>
-<li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers, <strong>500000</strong> iterations are used.
+<li>For system encryption that uses SHA-512 or Whirlpool, <strong>500000</strong> iterations are used.</li>
+<li>For non-system encryption and file containers, all derivation algorithms will use <strong>500000</strong> iterations.
</li></ul>
</p>
<p>When a <a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html">
PIM </a>value is given by the user, the number of iterations of the key derivation function is calculated as follows:</p>
<ul>
<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong>
-</li><li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers: Iterations = <strong>15000 &#43; (PIM x 1000)</strong>
+</li><li>For system encryption that uses SHA-512 or Whirlpool: Iterations = <strong>15000 &#43; (PIM x 1000)</strong>
+</li><li>For non-system encryption and file containers: Iterations = <strong>15000 &#43; (PIM x 1000)</strong>
</li></ul>
</div>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
diff --git a/doc/html/Personal Iterations Multiplier (PIM).html b/doc/html/Personal Iterations Multiplier (PIM).html
index 5271ced2..02921072 100644
--- a/doc/html/Personal Iterations Multiplier (PIM).html
+++ b/doc/html/Personal Iterations Multiplier (PIM).html
@@ -44,7 +44,9 @@
Header Key Derivation</a>).</p>
<p>When a PIM value is specified, the number of iterations is calculated as follows:</p>
<ul>
-<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong> </li><li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers: Iterations = <strong>15000 &#43; (PIM x 1000)</strong>
+<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong>
+</li><li>For system encryption that uses SHA-512 or Whirlpool: Iterations = <strong>15000 &#43; (PIM x 1000)</strong>
+</li><li>For non-system encryption and file containers: Iterations = <strong>15000 &#43; (PIM x 1000)</strong>
</li></ul>
<p>Prior to version 1.12, the security of a VeraCrypt volume was only based on the password strength because VeraCrypt was using a fixed number of iterations.<br>
With the introduction of PIM, VeraCrypt has a 2-dimensional security space for volumes based on the couple (Password, PIM). This provides more flexibility for adjusting the desired security level while also controlling the performance of the mount/boot operation.</p>