diff options
author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2022-03-27 16:33:40 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2022-03-27 16:34:42 +0200 |
commit | a077eb94ef66dfdec545d176a34dc1e0e47e5da2 (patch) | |
tree | 2c3853ca79fff654f12f7d40ec1758c7a000b5f3 /doc | |
parent | 540fb52acac15be194b5d6849ecf7e9ce5143096 (diff) | |
download | VeraCrypt-a077eb94ef66dfdec545d176a34dc1e0e47e5da2.tar.gz VeraCrypt-a077eb94ef66dfdec545d176a34dc1e0e47e5da2.zip |
Documentation: clearer description of how number of iterations are calculated
Diffstat (limited to 'doc')
-rw-r--r-- | doc/chm/VeraCrypt User Guide.chm | bin | 1921257 -> 1921112 bytes | |||
-rw-r--r-- | doc/html/Header Key Derivation.html | 6 | ||||
-rw-r--r-- | doc/html/Personal Iterations Multiplier (PIM).html | 4 |
3 files changed, 7 insertions, 3 deletions
diff --git a/doc/chm/VeraCrypt User Guide.chm b/doc/chm/VeraCrypt User Guide.chm Binary files differindex 8d2384aa..8cbd6905 100644 --- a/doc/chm/VeraCrypt User Guide.chm +++ b/doc/chm/VeraCrypt User Guide.chm diff --git a/doc/html/Header Key Derivation.html b/doc/html/Header Key Derivation.html index d8896904..f922d676 100644 --- a/doc/html/Header Key Derivation.html +++ b/doc/html/Header Key Derivation.html @@ -65,14 +65,16 @@ PIM </a>field (<a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html">Per PIM </a>value is not specified or if it is equal to zero, VeraCrypt uses the default values expressed below:<br/> <ul> <li>For system partition encryption (boot encryption) that uses SHA-256, BLAKE2s-256 or Streebog, <strong>200000</strong> iterations are used.</li> -<li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers, <strong>500000</strong> iterations are used. +<li>For system encryption that uses SHA-512 or Whirlpool, <strong>500000</strong> iterations are used.</li> +<li>For non-system encryption and file containers, all derivation algorithms will use <strong>500000</strong> iterations. </li></ul> </p> <p>When a <a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html"> PIM </a>value is given by the user, the number of iterations of the key derivation function is calculated as follows:</p> <ul> <li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong> -</li><li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong> +</li><li>For system encryption that uses SHA-512 or Whirlpool: Iterations = <strong>15000 + (PIM x 1000)</strong> +</li><li>For non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong> </li></ul> </div> <div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px"> diff --git a/doc/html/Personal Iterations Multiplier (PIM).html b/doc/html/Personal Iterations Multiplier (PIM).html index 5271ced2..02921072 100644 --- a/doc/html/Personal Iterations Multiplier (PIM).html +++ b/doc/html/Personal Iterations Multiplier (PIM).html @@ -44,7 +44,9 @@ Header Key Derivation</a>).</p> <p>When a PIM value is specified, the number of iterations is calculated as follows:</p> <ul> -<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong> </li><li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong> +<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong> +</li><li>For system encryption that uses SHA-512 or Whirlpool: Iterations = <strong>15000 + (PIM x 1000)</strong> +</li><li>For non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong> </li></ul> <p>Prior to version 1.12, the security of a VeraCrypt volume was only based on the password strength because VeraCrypt was using a fixed number of iterations.<br> With the introduction of PIM, VeraCrypt has a 2-dimensional security space for volumes based on the couple (Password, PIM). This provides more flexibility for adjusting the desired security level while also controlling the performance of the mount/boot operation.</p> |