diff options
| author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2022-03-21 00:14:33 +0100 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2022-03-21 01:18:48 +0100 |
| commit | a57a79c61da52b84236a4641ac23b2924fff88b6 (patch) | |
| tree | d8bdd1252f784c59f011994c9146dfaa413104a2 /doc/html/FAQ.html | |
| parent | 4a1be156f78f7c8bdfe3908a8b21a00fbe53f4f2 (diff) | |
| download | VeraCrypt-a57a79c61da52b84236a4641ac23b2924fff88b6.tar.gz VeraCrypt-a57a79c61da52b84236a4641ac23b2924fff88b6.zip | |
Update documentation to add Blake2s-256 and remove RIPEMD-160
Diffstat (limited to 'doc/html/FAQ.html')
| -rw-r--r-- | doc/html/FAQ.html | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/doc/html/FAQ.html b/doc/html/FAQ.html index 8b2fabc7..24e2cc57 100644 --- a/doc/html/FAQ.html +++ b/doc/html/FAQ.html @@ -64,10 +64,9 @@ Before doing the conversion, it is advised to backup the volume header using Tru VeraCrypt adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks.<br> It also solves many vulnerabilities and security issues found in TrueCrypt.<br> As an example, when the system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1000 iterations whereas in VeraCrypt we use <span style="text-decoration:underline">327661</span>. And for standard containers and other partitions, TrueCrypt uses at most 2000 iterations but VeraCrypt uses -<span style="text-decoration:underline">655331 </span>for RIPEMD160 and <span style="text-decoration:underline"> -500000 </span>iterations for SHA-2 and Whirlpool.<br> +<span style="text-decoration:underline">500000 </span>iterations.<br> This enhanced security adds some delay only to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data.</div> </div> <br id="PasswordLost" style="text-align:left"> @@ -523,16 +522,8 @@ Remark: VeraCrypt first attempts to decrypt the standard <a href="VeraCrypt%20Vo volume header</a> and if it fails, it attempts to decrypt the area within the volume where the hidden volume header may be stored (if there is a hidden volume within). In case it is successful, the password change applies to the hidden volume. (Both attempts use the password typed in the 'Current Password' field.)</div> <div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px"> <br style="text-align:left"> -<strong style="text-align:left">When I use HMAC-RIPEMD-160, is the size of the header encryption key only 160 bits?</strong></div> -<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px"> -No, VeraCrypt never uses an output of a hash function (nor of a HMAC algorithm) directly as an encryption key. See the section -<a href="Header%20Key%20Derivation.html" target="_blank" style="text-align:left; color:#0080c0; text-decoration:none.html"> -Header Key Derivation, Salt, and Iteration Count</a> in the <a href="https://www.veracrypt.fr/en/Documentation.html" target="_blank" style="text-align:left; color:#0080c0; text-decoration:none"> -documentation</a> for more information.</div> -<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px"> -<br style="text-align:left"> <strong style="text-align:left">How do I burn a VeraCrypt container larger than 2 GB onto a DVD?</strong><br style="text-align:left"> <br style="text-align:left"> The DVD burning software you use should allow you to select the format of the DVD. If it does, select the UDF format (ISO format does not support files larger than 2 GB).</div> <div id="disk_defragmenter" style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px"> |