author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-07-26 17:46:17 +0200 |
---|---|---|
committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2014-11-08 23:21:40 +0100 |
commit | 97154aaf51efe787dd1678c8e1baeeb65ce46fe1 (patch) | |
tree | 0034e3b6d3c272ceb35b3b186305e8510afc64c5 /src | |
parent | 1ddae209326858f1c244a4b52ba2bd068cc8985a (diff) | |
Lower the number of times we overwrite the volume header during the encryption of a partition if the user chooses to wipe the drive. Latest studies show that even one pass is enough to make data irretrievable. A value of 3 is a conservative approach that enhances performance without sacrificing security. http://www.infosecisland.com/blogview/16130-The-Urban-Legend-of-Multipass-Hard-Disk-Overwrite.html http://digital-forensics.sans.org/blog/2009/01/15/overwriting-hard-drive-data/
Diffstat (limited to 'src')
-rw-r--r-- | src/Common/Crypto.h | 3 | ||||
-rw-r--r-- | src/Format/InPlace.c | 8 |
2 files changed, 7 insertions, 4 deletions
diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h
index e66ac18c..ac925094 100644
--- a/src/Common/Crypto.h
+++ b/src/Common/Crypto.h
@@ -142,40 +142,43 @@ typedef struct
# ifdef TC_WINDOWS_BOOT_AES
# define MAX_EXPANDED_KEY AES_KS
# elif defined (TC_WINDOWS_BOOT_SERPENT)
# define MAX_EXPANDED_KEY SERPENT_KS
# elif defined (TC_WINDOWS_BOOT_TWOFISH)
# define MAX_EXPANDED_KEY TWOFISH_KS
# endif
#else
#define MAX_EXPANDED_KEY (AES_KS + SERPENT_KS + TWOFISH_KS)
#endif
#ifdef DEBUG
# define PRAND_DISK_WIPE_PASSES 3
#else
# define PRAND_DISK_WIPE_PASSES 256
#endif
+/* specific value for volume header wipe used only when drive is fully wiped. */
+#define PRAND_HEADER_WIPE_PASSES 3
+
#if !defined (TC_WINDOWS_BOOT) || defined (TC_WINDOWS_BOOT_AES)
# include "Aes.h"
#else
# include "AesSmall.h"
#endif
#include "Aes_hw_cpu.h"
#include "Serpent.h"
#include "Twofish.h"
#include "Rmd160.h"
#ifndef TC_WINDOWS_BOOT
# include "Sha2.h"
# include "Whirlpool.h"
#endif
#include "GfMul.h"
#include "Password.h"
typedef struct keyInfo_t
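Review bot: Nothing stops `PRAND_HEADER_WIPE_PASSES` from being set below 1, and the two loops in src/Format/InPlace.c that use it as their bound would then run zero times when a wipe algorithm is selected, so no header would be written. A guard directly under the define turns that into a build error: `#if PRAND_HEADER_WIPE_PASSES < 1`, `# error PRAND_HEADER_WIPE_PASSES must be at least 1`, `#endif`. The comment could also state that, unlike `PRAND_DISK_WIPE_PASSES`, the value is the same in DEBUG and release builds, for example `/* Number of times the volume header is written during in-place encryption when a wipe algorithm is selected; must be >= 1; same value in DEBUG and release builds. */`.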
diff --git a/src/Format/InPlace.c b/src/Format/InPlace.c
index 228e2e5f..b1bfac98 100644
--- a/src/Format/InPlace.c
+++ b/src/Format/InPlace.c
@@ -484,58 +484,58 @@ int EncryptPartitionInPlaceBegin (volatile FORMAT_VOL_PARAMETERS *volParams, vol
nStatus = DismountFileSystem (dev,
driveLetter,
TRUE,
TRUE,
FALSE);
if (nStatus != ERR_SUCCESS)
{
nStatus = ERR_DONT_REPORT;
goto closing_seq;
}
/* Create header backup on the partition. Until the volume is fully encrypted, the backup header will provide
us with the master key, encrypted range, and other data for pause/resume operations. We cannot create the
primary header until the entire partition is encrypted (because we encrypt backwards and the primary header
area is occuppied by data until the very end of the process). */
// Prepare the backup header
- for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_DISK_WIPE_PASSES); wipePass++)
+ for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++)
{
nStatus = CreateVolumeHeaderInMemory (FALSE,
header,
volParams->ea,
FIRST_MODE_OF_OPERATION_ID,
volParams->password,
volParams->pkcs5,
wipePass == 0 ? NULL : (char *) cryptoInfo->master_keydata,
&cryptoInfo,
dataAreaSize,
0,
TC_VOLUME_DATA_OFFSET + dataAreaSize, // Start of the encrypted area = the first byte of the backup heeader (encrypting from the end)
0, // No data is encrypted yet
0,
volParams->headerFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC,
volParams->sectorSize,
- wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_DISK_WIPE_PASSES - 1));
+ wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1));
if (nStatus != 0)
goto closing_seq;
offset.QuadPart = TC_VOLUME_DATA_OFFSET + dataAreaSize;
if (!SetFilePointerEx (dev, offset, NULL, FILE_BEGIN))
{
nStatus = ERR_OS_ERROR;
goto closing_seq;
}
// Write the backup header to the partition
if (!WriteEffectiveVolumeHeader (TRUE, dev, (byte *) header))
{
nStatus = ERR_OS_ERROR;
goto closing_seq;
}
// Fill the reserved sectors of the backup header area with random data
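Review bot: The pass count is spelled out twice in this loop, once in the `for` bound and once in the final argument to `CreateVolumeHeaderInMemory`, and the same pair appears again in the primary-header loop of the next hunk, so any later change has four expressions to keep in step. Computing it once in the loop initialiser, `for (int wipePass = 0, headerWipePasses = (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass < headerWipePasses; wipePass++)`, lets the last argument become `wipePass < headerWipePasses - 1`, which is still FALSE for `TC_WIPE_NONE` as it is today. Declaring it in the `for` initialiser rather than before the loop keeps the existing `goto closing_seq` jumps from crossing an initialised declaration. The enclosing function starts before this hunk and the loop body continues past its end.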
@@ -952,58 +952,58 @@ inplace_enc_read:
if (bVolTransformThreadCancel)
{
bPause = TRUE;
break;
}
}
nStatus = FastVolumeHeaderUpdate (dev, headerCryptoInfo, masterCryptoInfo, deviceSize);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
if (!bPause)
{
/* The data area has been fully encrypted; create and write the primary volume header */
SetNonSysInplaceEncUIStatus (NONSYS_INPLACE_ENC_STATUS_FINALIZING);
- for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_DISK_WIPE_PASSES); wipePass++)
+ for (int wipePass = 0; wipePass < (wipeAlgorithm == TC_WIPE_NONE ? 1 : PRAND_HEADER_WIPE_PASSES); wipePass++)
{
nStatus = CreateVolumeHeaderInMemory (FALSE,
header,
headerCryptoInfo->ea,
headerCryptoInfo->mode,
password,
masterCryptoInfo->pkcs5,
(char *) masterCryptoInfo->master_keydata,
&tmpCryptoInfo,
masterCryptoInfo->VolumeSize.Value,
0,
masterCryptoInfo->EncryptedAreaStart.Value,
masterCryptoInfo->EncryptedAreaLength.Value,
masterCryptoInfo->RequiredProgramVersion,
masterCryptoInfo->HeaderFlags | TC_HEADER_FLAG_NONSYS_INPLACE_ENC,
masterCryptoInfo->SectorSize,
- wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_DISK_WIPE_PASSES - 1));
+ wipeAlgorithm == TC_WIPE_NONE ? FALSE : (wipePass < PRAND_HEADER_WIPE_PASSES - 1));
if (nStatus != ERR_SUCCESS)
goto closing_seq;
offset.QuadPart = TC_VOLUME_HEADER_OFFSET;
if (SetFilePointerEx (dev, offset, NULL, FILE_BEGIN) == 0
|| !WriteEffectiveVolumeHeader (TRUE, dev, (byte *) header))
{
nStatus = ERR_OS_ERROR;
goto closing_seq;
}
// Fill the reserved sectors of the header area with random data
nStatus = WriteRandomDataToReservedHeaderAreas (dev, headerCryptoInfo, masterCryptoInfo->VolumeSize.Value, TRUE, FALSE);
if (nStatus != ERR_SUCCESS)
goto closing_seq;
}
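Review bot: The comment above this loop still describes a single write of the primary header, while the loop rewrites the same sectors `PRAND_HEADER_WIPE_PASSES` times for every `wipeAlgorithm` other than `TC_WIPE_NONE`, whichever algorithm the user picked. I would add a comment on the loop saying so, for example `/* With any wipe algorithm selected the header area is written PRAND_HEADER_WIPE_PASSES times; the count does not follow the selected algorithm. */`. It is also worth recording there that the passes go through the `dev` handle at a fixed offset, so on storage that remaps writes they may not reach the physical blocks that held the earlier data. The enclosing function starts before the hunk.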