A new VeraCrypt Interface?
Open source disk encryption with strong security for the Paranoid
Brought to you by:
idrassi
Menu
▾
▴
Hello everybody,
in my master thesis, we redesigned and implemented an interface of the VeraCrypt's disk encryption wizard with the aim to ease the access to open source encryption software especially to users with little technical background.
Gujrati and Vasserman did the same for the (TrueCrypt) volumen encryption wizard in 2013. They tested their Interface with 60 participants and showed that the participant were significantly more successful with the redesigned interface. I also tested our redisigned disk encryption interface with 42 participants. One of the result was that the participants that used the original disk encryption interface asked for help 12 times more often. The success rate (without having asked for help) for the new interface was 7 times higher. Consequently, the combination of these two works would result in an significantly increased usability and therefore possibly to an increased adoption of VeraCrypt.
The main changes are:
The original interface confronts the user with an UEFI boot loader with several options that they can not select (hidden OS, multi-partition encryption). These options could be moved to a separated window that only can be accessed, if these options are selectable (if bios is used). See figure 1IntroPage
Selecting the hash and the encryption algorithm confused the participants. They did not know which effect the selection has and the technical description of the algorithms was rarely helpful. AES and SHA-512 could be selected as default and be modified by clicking the "Advanced features" button in the 2passwordpage. Only then, the 3advancedalg windows appears.
The original password page does not fulfill the current NIST recommendation for selecting a password. A user should not be allowed to chose a password that has less then 8 character or could be found in a password list. These recommendations are met in the redesigned interface. Moreover, a password strength meter is implemented.
The keyboard layout switch was problematic for several participants. 14% were not able to enter the correct password during the pre-test. Especially those participants who used many special characters wrote down what was displayed to them in the password field instead of what they entered (a '?' on a German keyboard layout results in a ''). The users password should be displayed as entered and transformed to the English keyboard layout in the background. This problem is not yet addressed in the redesign. Additionally, if the password and its confirmation is not identical, the user should be informed about that (instead of only disabling the 'Next' button.)
The randomness generation page is removed, instead the randomness is generated by the mouse movements in the background without the user noticing it (the mouse movement is only one of many inputs for generating a random value. When using VC in terminal, this step is omitted as well, as far as I know).
The page that shows the generated key is jumped. Users were confused, since they though they had to copy the (partly) displayed key.
The storing of the rescue disk was the most challenging part for the participants. It could be eased by storing the rescue disk via mail in the users mail post box (it has less then 2MB). Of course, a mail could be deleted but a stick can be lost as well. The disk verification process was problematic, because formatting the stick to FAT32, extracting the zip and bringing the folder in the correct path structure was not understood by most participants. Since the usage of the rescue disk is rather unlikely, it could be argued that it should be sufficient to copy the zip file to the stick without checking the data format. The USB stick can also be made bootable when the rescue disk is needed.
A checklist is included with a summary of all important information, shown in 6checklistpage.
The PIM text field should only be displayed, if a PIM is used.
If someone is interested in the source code, let me know, I would be happy to contribute to this project. The redesigned implementation does work (though it probably could be improved) and a disk encryption is possible with this version. In the attachment, you can find screenshots of the redesign. Please understand this post only as a suggestion. Most likely, this redesign is far from being perfect. Therefore, we would be thankful for your opinions and look forward to a discussion about the actual necessity and advantages of a redesign.
*
Hi Pius,
Thank you very much for sharing your work, Your findings are very helpful and I'm interested in merging parts of your work into VeraCrypt.
I like the idea of having default wizard mode with minimal options and an expert mode with full control. Also, the idea of a checklist at the end of the process will help users avoid many common mistaked.
I agree that the Rescue Disk part is not easy to handle. The idea of proposing to send it by email could help smooth the process for some users but I'm a little bit reserved about it. I think we need more feedback from the community about this part in order to decide.
Is there any public repository where we can check the code of your fork? I'm think about creating a new git branch dediceted to UI enhancement and you can create pull requests on this branch, and once changes are mature we can include them into master for next major release.
Hello Mounir,
thank you for your answer, the code can be found here here. A marked all the changes I've done, let me know if something. is not clear to you.
I assume the concept that the rescue disk has to be stored on a bootable stick and the recommendation to print the two boxes that explain how to use the rescue disk come from a time, where most likely only one computer could be found in the house. When this one did not start, it was for sure very handy to have a bootable stick ready to plug in. When an encrypted computer nowadays does not boot anymore, I guess it would not be very impractical to find a laptop to make the zip file bootable. In the user study, only 2 out of 21 particpants were able to follow the instructions and to create the bootable stick without help (and the stick was already formated to fat32 before).
I see that the email solution might appear complex. An smpt server would have to be configured and run. I dont know to which extend this is possible for a free-to-use software. Maybe it would already ease this process if the disk verification just checks if one of the folders exists, without cheching if the stick is NTFS or FAT32:
D:\VeraCrypt Rescue Disk.zip ||
D:\VeraCrypt Rescue Disk ||
D:\EFI
Most likely, the requirement to use the rescue disk is exremly rare, so the software could make sure that every user stores the disk and only those who actually need it, can make it bootable when necessary. In the redesigned version, I also stored the two infoboxes together with the rescue disk as a .txt file. Additionally the software could mention that the rescue disk could be stored in the users cloud or mailbox.
Hello everybody,
I wrote my bachelor thesis at the same university chair as @pius-ganter on the topic "Usability of full disk encryption applications". Besides other software I have also investigated VeraCrypt. In contrast to the thesis of @pius-ganter my work concentrated on finding general problems with the use of full disk encryption applications.
I can confirm the results of @pius-ganter that the interface is a big hurdle for people without a technical background. I also think it would be useful to introduce such a "simple mode" to make the technology accessible to more people.
If it is desired, I would be happy to contribute my results as well. Besides the handling of the interface, problems were found, for example, with downloading the application or accessing the wiki.
In addition to the Recue Disk for system encryption, I would like to suggest a user friendly backup headers during non-system encryption volume creation.
There are instances where users could have possibly regained access to their volume if they were able to restore the headers from the external backup file which is currently optional.
This ties into this thread.
Can you share links to your theses? (I'm Eugene, co-author of "The usability of TrueCrypt, or how I learned to stop whining and fix an interface", which @pius-ganter says contributed to his work.) I'd love to read @pius-ganter and @van-fouran findings, not just the code!
As @eyv said, it would be interesting to have access to the theses of @pius-ganter and @van-fouran in order to learn more about your findings and also to mention it in VeraCrypt documentation as a reference.
Good work.
If an SSD is detected, disable wipe mode (because SSD drives cannot tolerate too many write actions. They cannot be securely overwritten in the same way as hard disks).
In screenshot #5, please say email “address”. :-)
@idrassi Many thanks for your interest. My work has not yet been published as a whole. But we are still working on the topic to be able to provide a publication in the future.
Is there a possibility to contact you directly? Then I could give you an insight into my current results.
@dave I have also already thought about it, but unfortunately I am not a specialist in this area. If we completely overwrite the SSD like a hard drive, we can't guarantee that all data is really erased, can we? In my opinion, we will get problems because the SSDs make sure that the cells are written evenly, right?
I don't believe it's possible to secure erase an SSD by overwriting.
Hello I don't know if I am in the right place because I don't know English perfectly. I see that there is a rescuedisk.
Do I have a chance to recover my files on an external hd encrypted with veracrypt and which no longer opens: message mount volume 8334!
I like some of these ideas, like the password quality indicator and hiding full disk on UEFI as it wouldn't work anyways.
OTOH, I don't like the idea of removing options, especially these:
Short passwords are useful for quick testing and there is a popup anyways.
The mouse based random generator is very important for security. Please don't remove that.
As a general guideline, I don't think "dumbing down" VC's interface is a very good idea. Making it easier to use the interface won't make the users better qualified to handle the consequences of using encryption. It might just increase the amount of users that forget passwords and lose all their data because they don't have backups.
Hi @cryptolover,
Thank you for your feedback.
I believe that in general the question must be asked who the target group of VeraCrypt is.
Currently VeraCrypt is a product, which is very transparent from a cryptographic point of view and which focuses on getting the highest security possible for the affected devices. The current interface is a great possibility for experts to control nearly all settings. Unfortunately, this also leads to the fact that the complexity is currently so high that the product is not usable for the average user.
I understand your criticism that security could be lowered by eliminating elements such as the random mouse movements you mentioned. Therefore the idea, as mentioned by Mounir, is not to replace the old interface completely, but to introduce two modes: A minimal mode and an expert mode. While experts still can use the expert mode, the minimal mode is for the average user.
I think when we talk about the average user, the challenge in some areas is to find a tradeoff between usability and security. Currently, hard disk encryption is used extremely little (consciously) in the private sector. I therefore believe that our first goal for the private sector should be to make hard disk encryption generally accessible and to create a basic security level on many devices. I believe that it is acceptable for this area to remove some controls and to reduce security by a minimum if, in return, usability is increased considerably.
I am convinced that the technology will only be used by many people if it is easy to use for these people.
I completely agree with @van-fouran. Advanced users will know (or figure out) where to find advanced options, but @cryptolover, if you really want to make good crypto mainstream, we must consider how to convert novice users. UI improvements are a first step. Better documentation is unfortunately unlikely to make a difference.
Last edit: Eugene 2020-08-04
I agree that the mouse movement randomness should stay.
Instead of using technical terminology (with terms like “keys”), convey the information in jargon-free language, for example:
"To increase security, VeraCrypt now needs to generate random data from your mouse movements. Please move your mouse (touchpad or trackball), as randomly as possible, within this area."
Indicate the progress of random data generation, and only allow clicking on “next” when enough data has been generated (indicated by a progress bar).
In our research, that was a major problem with the mouse movement -- lack of clear progress and an explicit indivation when enough entropy is available. If that is clarified, the mouse movement can be kept. I'm still of the opinion that mouse entropy should be collected at the background, starting when the wizard launches, and thus potentially avoiding waiting for mouse movement at all.
.
To me, this is not random enough movement of the mouse since the user is performing defined movements from one screen to the next screen to click on the next button.
As Dave pointed-out, VeraCrypt needs to get rid of the technical jargon like PKCS-5 PRF which could be renamed to something like Header Key Algorithm or Volume Header Algorithm. Even my renaming suggestion is going to be too techincal for the novice users.
The UI interface could really benefit from having the informational circle with the letter "I" next to each field that the user can click on to get a quick explanation of the item in the simplest terms as possible and not technical jargon.
Last edit: Enigma2Illusion 2020-08-10
I don't think an informational tooltip is going to help much. I would focust on better naming. @enigma2illusion is right, even "Header Key Algorithm or Volume Header Algorithm" are far too technical. From a novice point of view, they may know what "key" means, but "header", "volume", and even "algorithm"? I doubt it. In our research ("The Usability of TrueCrypt, or
How I Learned to Stop Whining and Fix an Interface") we tried to stay away from the word "volume" and used "container" instead. I can't even make a suggestion for what to use instead of "header".
There are going to be some terminology that requires the novice user to learn their meaning.
To use a car engine as an example. Do most people know what a radiator hose is and what is its purpose? What about a timing chain?
My point is to demonstrate that you have to teach the novice user the meaning of the field they are on in the UI with the informational tool tips when they do not understand terminology or purpose of the field in the UI.
Cars don't have "Radiator hose" or "Timing chain" lights. They have "Check engine" lights.
Cars also have an implicit connotation of fatal accidents if one does not know how to operate them. Crypto does not evoke such a visceral response (see other studies, which I can reference on request). It may not be a good idea (but than again, it may be!) to attempt to teach users something during literally the first step of using this software. I agree that info buttons will likely help, but I'm not convinced they would help enough.
Sorry my car example was not clear. I was not referencing the dashboard lights. Merely the terminology of a car's engine.
Perhaps the example I should have used is going to a doctor that uses medical terminology that you have to ask the doctor for the explanation or purpose.
I understand, and I was purposely misusing your example, sorry :) Arguably, a doctor and a mechanic can explain stuff in non-technical detail to a layperson, but I don't know how often people ask for such explanations. They wants things to "just work", their cars, and (strangely), their bodies. If we had an expert system that could answer interactive user questions, that would be good, better than just walls of documentation. Tooltips would help as well. But my point remains that at such a critical juncture, it would be a mistake to rely on users' knowledge. We can have "advanced options" for users who know enough to ask for them, but for truly novice users, I believe they would be better served by more clear/intuitive labels, then assisted by tooltips of no more than a sentence. Anything else, even a single paragraph of documentation, is unlikely to be read. And remember, users may not understand a lot of things, so it's not a matter of reading a single paragraph of docs, it's a matter of reading a single paragraph for every item they do not understand.
As a good example ( I think) of how to do it right, take a look at the UI of Signal. So many cool things happen under the hood, but most of what is presented to the user is very straightforward.
Sorry, I don't mean to write a treatise on the matter in forums. And I hope you take this for the good-natured discussion that it is meant to be.
In my past experiences of hot topics regarding VeraCrypt, the developer Mounir Idrassi deeply appreciates civil discussions and reading the various viewpoints on a topic. :)
Strange as it may seem, I am in agreement that the UI needs a major overhaul to simplify the usage for novice users while leaving the advanced options for the power users.
But even the power users would appreciate the advanced options using less technical jargon such as my example of PKCS-5 PRF which represents the algorithm to be used for the creation of the header key.
Confusing settings on the Preferences options:
.
I never understood why there are two separate settings for Background task.
Last edit: Enigma2Illusion 2020-08-10
It looks like we are in violent agreement ;)