Please cut the iteration count by 3/4. Even though this makes it 4x "weaker" in some peoples eyes, since computers double in power every 18 months, one would only have to wait 3 years to attack the iteration for the same level of success. Security does not come from high iteration counts, rather strong passwords. A high iteration count is just voodoo security, it's fake, and only idiots believe in it. But for us end-users, we can boot our computers in 15 seconds rather than 60.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-15
It is users such as yourself the minimum iteration count is there to protect, you have no idea about encryption or how it works.
VeraCrypt is not a toy, it is REAL security. Try TrueCrypt or CipherShed instead.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-16
"since computers double in power every 18 months, one would only have to wait 3 years to attack the iteration for the same level of success."
You have just made the case for higher iterations.
"Security does not come from high iteration counts"
You need to read what they do and why they are important.
"A high iteration count is just voodoo security, it's fake, and only idiots believe in it."
You are just trolling now. There are only about 3 individual people making this request but they are disproportionally represented in the request section.
"But for us end-users, we can boot our computers in 15 seconds rather than 60."
A clear case of choosing speed over security, VeraCrypt is not the appropriate encryption software for you.
Their will be a configuration option to configure the iterations count, although I'm envisioning two builds of VeraCrypt that shares the same code but only differs by the minimal value of the lower bound of the iterations. The difference will apply only to the creation of the volumes ("VeraCrypt Format.exe") and it will not affect the bootloader or the mount tool "VeraCrypt.exe") which will be the same.
In the "full" build which will have the name "VeraCrypt", the lower bound of the iterations can't be lower than the current used value which means that we can only increase the value.
In the "lite" build which will probably have the name "VeraCrypt Lite" (not sure yet about the naming), the lower bound of the iterations can be set to a much lower value depending on the password length (e.i. around 30000 for long passwords).
Anyway, once the code that handles dynamic iterations is implemented, it will be just a matter of #ifdef to separate the two versions. This way, it will much easier to maintain.
Of course, there is another opinion who asks for a simple switch or an option in the configuration file that will activate the mode where the lower bound value is smaller. Personally, I would like to keep the assurance that volumes created by the "full" build of VeraCrypt will have a high iterations count for those who need this. Technically speaking, volumes created by any of the two builds will have the same format and they can be mounted by any of the builds, but by separating the builds, those who will deploy the "full" build in an organization for example will have the assurance that all volumes created will meet a minimal security requirement.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-15
Hey Mounir,
thanks for that!
Still I don't understand the logic behind your decision and I gave not up the fight hehehe...
When saying that there is the danger of users not knowing what the iteration count is and setting it accidentally too low (or simply they don't trust their own decision and want to "have the assurance that all volumes created will meet a minimal security requirement"), then there is the same possibility that they will use the "lite version" and do the same mistake or do other mistakes that are way more critical! Sorry, but these users would be really dumb and more likely to write their password down on a note at the fridge...
Also the iteration count is not anywhere as important as a strong password, that noob users are 10 times more likely to use... so I think it would be more useful to only create ONE version of Verycrypt that is able to set the iterations to 10.000 OR higher BUT in the process of creating such a volume the user gets a big fat warning that he has to click "okay".
I don't like the idea of having two versions of verycrypt, it is dividing the trust in it because now people had to compile TWO versions of the sourcecode to see if the .exes are true to the source.
So until you will be able to rewrite the bootloader to 32bit performance that would be the perfect solution, let the user decide and for the dumb users there is a huge warning. Hey, 10.000 iterations is still 10 times more than TC!
Don't split Verycrypt into two versions...
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-15
The separate Lite version is to protect the VeraCrypt name. Users who do not understand security will chose the Lite version for speed not security.
This leaves VeraCrypt full for REAL protection against a serious threat model.
10 times better than TC when TC was built many years ago does not even keep up with the rate of cracking power by adversaries.
Personally I would prefer all the people interested in speed over security to use CipherShed as I understand they may provide a weak iteration count to satisfy users with no threat model.
This discussion has been beaten to death many times, please do some basic research before reposting.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-15
The logic is completely flawed. Veracrypt does not get weaker when it offers the possibility to use lower iterations. That is simply not true.
With that logic VC is not secure because it offers the possibility of a 1 character password. But that is just not true.
Why do people who don't need something want to take the liberty of other people away that need it when they can simply ignore it and use the higher iterations?
Do you fear that you can not trust your mind when encrypting a volume? Then check the volume details every day to see if you used SHA 512, a long password and high iterations... the problem is with YOU when you don't trust yourself and not the software that offers more possibilities.
And the name Verycrypt with your logic is damaged, too, because of the 1 character password. But it isn't. It's just an option.
Give me some logical ARGUMENTS and we can discuss.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-16
Most people are on the side to let the user decide if he wants high or low iterations. The software does not get insecure by letting the user decide.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-16
"since computers double in power every 18 months, one would only have to wait 3 years to attack the iteration for the same level of success."
You have just made the case for higher iterations.
"Security does not come from high iteration counts"
You need to read what they do and why they are important.
"A high iteration count is just voodoo security, it's fake, and only idiots believe in it."
You are just trolling now. There are only about 3 individual people making this request but they are disproportionally represented in the request section.
"But for us end-users, we can boot our computers in 15 seconds rather than 60."
A clear case of choosing speed over security, VeraCrypt is not the appropriate encryption software for you.
I created a new VC volume and selected SHA-256 as hash and the mount speed was faster, about 50% faster. I suggest using SHA-256 if you want it fast and secure.
This way there's NO NEED to reduce iterations and at the same time we're all using the same and only full version of Veracrypt and not making Mounir Idrassi create a fork of a fork.
Maybe it would be a good solution and if explained well so that people who can't wait uses it, would reduce complaints and 'the need' for another version. I prefer one full version with complete and inmediate suport than two.
I also want to say thanks to Mounir for dedicating so much time and efforts on this project. It's a better reality now, a guy that's continously working on it, that answers back, that accepts suggestion, that we all know. We did not have this with the people that developed Truecrypt so let's not abuse of his time and resources.
I don't know if there's a hash algorithm that would be safe and faster than SHA-256. If it exists, adding it and explaining it and telling people that it is faster would help.
With ONE and only full version of Veracrypt.
Copy and paste from Codeplex forum.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-17
"You need to study brute force protection."
First of all: stop thinking that you are god and everybody not beeing on the same side is dumb and unintelligent, okay? If you are that arrogant all the time nobody wants to discuss with you and honestly that is a shitty way of talking to other people, be polite! Thank you!
My statement "Veracrypt does not get weaker when it offers the possibility to use lower iterations." is completely true when you are able to understand it correctly and don't try to understand it wrong.
"There are reasons the lower limit is available, it is used for other things."
Ooooooh, and I thought that you should not make ANY compromise with security? You are a hyprocite! Decide for one side! Eat this: There are reasons the lower iteration option is availabe, it is used for people that have a strong password but need fast access to their laptop when doing business work.
""Why do people who don't need something want to take the liberty of other people away that need it"
Likewise LOL"
I don't want to take the option away to use higher iterations...
"People more intelligent than yourself attempted to argue this case, they were defeated in the link above."
Simply rude.
"VeraCypt is too secure for your needs, choose a weaker product."
And you think when you repeat these "wise" words you are doing anybody a favor? There are thousands of reasons why it makes more sense to use Veracrypt instead of other products although you want to use lower iterations.
"You clearly do not face a threat model significant enough to induce paranoia, use CipherShed or Bitlocker."
Don't tell me what to do, thank you very much! But I guess I am not intelligent enough to talk with you, it is funny you say that there are only 3 people requesting the lower iteration feature when there are at max 2 people trying to avoid this feature in the sourceforge forum. One of them is L0ck which I guess is you...
My guess is that over 70 percent of the Veracrypt users right now wishes the options for lower iterations. Again my question: can you give me LOGICAL arguments against such an option? You did not give me any...
The only reason against lower iteration options I could think of and found in the other discussion is the following:
Dumb people could accidentally (after 3 big fat warnings you have to click okay) use lower iteration and think they are fortknox safe against bruteforce with a weak password.
The image of Veracrypt could be damaged. That is bullshit because then the 1 character password (does not matter if there is any need for them, in your logic just the option is unsafe) would damage the image even harder... also TC has 1000 iterations and VC would have at least 10.000 or 30.000 which is 10 to 30 times better than TC. You could also argue that even 500.000 iterations would be too less, cause "dont give up security for speed!!!!11111" and you want to wait 5 hours until you realize you typed the wrong 64 character password in...
Malware could change the iteration count in the background without the user knowing. Well, if that is the case the malware could also read the data, probably read out the password and do much more efficient attacks on the drive than this "attack".
More code is giving the possibility for more bugs and this makes the software less secure. Well, that is bullshit, too, with that mindset you could not give Veracrypt ANY feature at all and changing the iteration number and creating a little menu to change the option is such a small fraction of the code...
You see, I really try to understand you but when looking at the facts objectively of both sides I am still convinced that given the user the option of choosing the iteration count with a minimum of 10.000 or 30.000 iterations is not making the software any weaker but a lot more userfriendly for those that need it!
But in life we have to make compromises and the idea to create a static and dynamic mode for the iterations is great and I would like that very much! Please do that, Mounir, then eveybody (except close minded people) would be happy!
Oh and by the way: I would call myself paranoid, too, you do not want to know what security systems I have installed in my apartment... but these systems have a nice analogy to Veracrypt: to be able to get in my apartment within 10 seconds but still beeing relatively secure I can not allow to have 20 EVVA MCS locks at my 5 steel doors and a 10 minute safety waiting period to get it. That would be totally unpractical.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-17
To be honest I am surprised your petulant foot-stamping and personal insults, including swearing, managed to get past the moderation.
You have just lost all credibility and are therefore irrelevant to this discussion.
Most of your figures are guesses and speculation. All your points were addressed and defeated in this thread. You have brought nothing new.
Creating new user names on the forum and constantly whimpering about the result here, will have no effect.
32bit bootloader will help to ease your impatience, I suggest you place equal effort into encouraging that feature implementation as you do to whining about the excellent brute force protection we currently enjoy.
But I guess I am not intelligent enough to talk with you
I accept your capitulation. You may be no wiser but you have certainly been better informed.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-18
Are we in kindergarden now? I am insulting YOU?
"People more intelligent than yourself attempted to argue this case, they were defeated in the link above.
[...]
VeraCypt is too secure for your needs, choose a weaker product."
Instead of giving arguments you only come up with the same topic link I already completely read and conspiracy theories, I have not a single account on the other forums where veracrypt is discussed, so it is very likely that there are a lot of people out there that want less iterations and not only one person that creates douzens of accounts...
Is it so hard for you to repeat how you "defeated" all my points? Give me the short form, don't be lazy and flee from a discussion, I am open-minded and when your bring up good arguments I might change my mind!
We do not need a splitted veracrypt community! We need to stay together!
And when you accept the option of static and dynamic iterations like Mounir proposed then we already have a solution!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Let's all go back to constructive exchanges and leave personal attacks and comments behind. I believe most of participants have good intentions towards VeraCrypt security and because of the strong positions of each, the heated debate may spin out of control. That's why I will delete any further posts that I deem non-constructive.
I want to reassure everybody that there is a place for everyone in the VeraCrypt community. Concerning the configuration capability asked for those who wish to speed things up, it will be available but as an extra download: either through a "VeraCrypt Lite" distribution or as an "addon" installable above the main VeraCrypt install and that will be clearly visible in the GUI.
Any thoughts about the new addon proposal?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-18
The addon is a nice idea, seems better than "VeraCrypt Lite". I'd like to read more about those GUI changes, though.
Mrere
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Mounir, I still prefer your original idea of Static Mode (which will be the default with the current iteration settings) and Dynamic Mode for user selection range to allow slower/faster mount times than the users having to download the addon.
I am proposing that the Dynamic Mode allow both lower and higher range values than the Static Mode.
I agree with you Mounir that having Static and Dynamic will not ruin VeraCrypt's security reputation no more than currently allowing a one character password with one warning message during the creation of volume or no password with one keyfile with no warning message during the volume creation has not damaged TrueCrypt's reputation as a strong encryption utility.
The user should have the various options based on their specific needs as to password length, keyfiles and Static or Dynamic Mode for iterations.
To me, the Dynamic Mode addon and VeraCrypt Lite proposals are unnecessary. Allow the user to select either Static or Dynamic.
Mounir, based on the heated discussion on both threads and participants pro/con to Dynamic Mode unable to reach a compromise on the various solutions will require you to make a decision that is guaranteed to not please everyone. Sometimes, you have to go with the idea that you think is the best approach.
What do you estimate the number of hours to complete each of the following?
Creating Static and Dynamic Modes (no addon, no VeraCrypt Lite)?
Creating VeraCrypt Lite?
Creating addon?
Creating 32-bit bootloader?
Creating 64-bit bootloader after the 32-bit bootloader has been released?
This would help the community prioritize the options based on the work effort. You have stated that the 32-bit bootloader will reduce the system volume mount duration by 2 or 3 times. For 64-bit OS's, will there be another reduction for system volume mount duration by 2 or 3 times over the 32-bit bootloader?
I want to thank you again Mounir for being open minded about these issues.
Edited to include VeraCrypt Lite as unnecessary.
Last edit: Enigma2Illusion 2015-01-18
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-18
Any thoughts about the new addon proposal?
Yes, I suggest you leave it until after the 32bit boot-loader has been created.
I doubt many but the most impatient user would mind the short delay in booting when the new boot-loader is installed.
Saving time not creating the weaker iteration Lite addon, will allow for more time to work on the new boot-loader which helps everyone.
"VeraCrypt Lite" distribution or as an "addon" installable above the main VeraCrypt install and that will be clearly visible in the GUI
If you are not going to create a clearly separate Lite version you need plenty of pop up windows and warnings. It is VeraCrypt's responsibility to warn the user they have weakened their protection and it is something not considered safe by VeraCrypt. If it was considered safe VeraCrypt would have had the same number TrueCrypt did, nothing has changed to justify an iteration drop, quite the contrary in fact.
You also need to consider malicious tampering, someone swapping the full VeraCrypt with a crippled Lite one. The 2 products need to be very distinctive, slipping in deliberate iteration weakening via an addon might become an attack option.
I was all for VeraCrypt Lite or addon a week ago, however the speed increases offered by the new boot-loader should remove the necessity for the Lite version altogether.
Don't forget, CipherShed will "hopefully" be released by then, Mrere can choose to employ it instead of VeraCrypt if the new boot loader does not meet his speed demands.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-18
Is it so hard for you to repeat how you "defeated" all my points? Give me the short form, don't be lazy
You are clearly impatient by nature. You are 1 of possibly 2 or 3 people who complained about the boot time delay out of the thousands of users. You are also too impatient to read and understand the link provided.
I find it odd you take the time to troll the forum and sourceforge and yet you require immediate access to your drive.
I do not think we should be taking much note of requests by users such as yourself. Your priorities are not compatible with the main aims of VeraCrypt.
However, as the new boot-loader will provide a significant speed increase without weakening security, I suggest you give it a try when it is released.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-18
To better identify my posts I will give myself a name now: Freeman.
I will be perfectly pleased when the 32bit bootloader is out there and then I don't see the need for lower iterations (as long as the boot time is under 20 seconds with good hardware and AES + SHA512 bit...)
But how long will it need for the new bootloader to be released? If it is more than one month I think the Addon will be the best solution. Make L0ck happy and display a big fat warning the user has to click okay when installing the addon.
What iterations will you use for the lowest setting then? 10.000? What about the idea of using a static and a dynamic mode?
OFFTOPIC: VeraCrypt does not officially support Windows 8.1, why? Will there be an option to convert TC system partitions to VC system partitions?
Freeman
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Windows 8.1 is supported. Where did you see that it is no officially supported.
Converting TC system partitions can be tricking if the system is running since the TC driver is handling all read/write operations. Implementing the conversion in offline more is not always feasible. That's why I'm not going to implement this.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
-
2015-01-18
Enigma2Illusion
I agree with you Mounir that having Static and Dynamic will not ruin VeraCrypt's security reputation
I'm sorry, I can't find where Mounir said that.
However I did notice this....
Mounir
I would like to keep the assurance that volumes created by the "full" build of VeraCrypt will have a high iterations count for those who need this.
.....
Mounir
but by separating the builds, those who will deploy the "full" build in an organization for example will have the assurance that all volumes created will meet a minimal security requirement.
The quotes above seem to contradict Enigma2Illusion's claim.
The discussion has been over for some time on the forum, you and Mrere need to accept that. A conclusion was reached, there is little point continuing to complain you didn't like the result.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The discussion has been over for some time on the forum, you and Mrere need to accept that. A conclusion was reached, there is little point continuing to complain you didn't like the result.
Mounir asked for additional feedback for his latest proposal of a downloadable addon and I provided Mounir with my feedback for the addon and gave my assessment of the iteration issue. I am not complaining. In my opinion Mounir will need to take a stand on the iteration issue and announce his decision which is not going to please everyone given that no agreement on the various solutions for pro/con of the Dynamic Mode can be reached.
Edited to fix grammar errors.
Last edit: Enigma2Illusion 2015-01-19
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thank you Enigma2Illusion for your previous post. I like this type of calm, professional and constructive posts and I'll prepare an adequate answer.
Since I started VeraCrypt, I have chosen paranoid level of iteration to give a fixed strength for the coming years. The configuration idea is something new and useful for a certain category of users and I'm willing to add in a form or another.
I'll post more details at the end of this very long thread...I didn't imagine that this subject will so controversial!!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Please cut the iteration count by 3/4. Even though this makes it 4x "weaker" in some peoples eyes, since computers double in power every 18 months, one would only have to wait 3 years to attack the iteration for the same level of success. Security does not come from high iteration counts, rather strong passwords. A high iteration count is just voodoo security, it's fake, and only idiots believe in it. But for us end-users, we can boot our computers in 15 seconds rather than 60.
It is users such as yourself the minimum iteration count is there to protect, you have no idea about encryption or how it works.
VeraCrypt is not a toy, it is REAL security. Try TrueCrypt or CipherShed instead.
You have just made the case for higher iterations.
You need to read what they do and why they are important.
You are just trolling now. There are only about 3 individual people making this request but they are disproportionally represented in the request section.
A clear case of choosing speed over security, VeraCrypt is not the appropriate encryption software for you.
I suggest you read and learn from this thread.
https://veracrypt.codeplex.com/discussions/577023
Their will be a configuration option to configure the iterations count, although I'm envisioning two builds of VeraCrypt that shares the same code but only differs by the minimal value of the lower bound of the iterations. The difference will apply only to the creation of the volumes ("VeraCrypt Format.exe") and it will not affect the bootloader or the mount tool "VeraCrypt.exe") which will be the same.
Anyway, once the code that handles dynamic iterations is implemented, it will be just a matter of #ifdef to separate the two versions. This way, it will much easier to maintain.
Of course, there is another opinion who asks for a simple switch or an option in the configuration file that will activate the mode where the lower bound value is smaller. Personally, I would like to keep the assurance that volumes created by the "full" build of VeraCrypt will have a high iterations count for those who need this. Technically speaking, volumes created by any of the two builds will have the same format and they can be mounted by any of the builds, but by separating the builds, those who will deploy the "full" build in an organization for example will have the assurance that all volumes created will meet a minimal security requirement.
Hey Mounir,
thanks for that!
Still I don't understand the logic behind your decision and I gave not up the fight hehehe...
When saying that there is the danger of users not knowing what the iteration count is and setting it accidentally too low (or simply they don't trust their own decision and want to "have the assurance that all volumes created will meet a minimal security requirement"), then there is the same possibility that they will use the "lite version" and do the same mistake or do other mistakes that are way more critical! Sorry, but these users would be really dumb and more likely to write their password down on a note at the fridge...
Also the iteration count is not anywhere as important as a strong password, that noob users are 10 times more likely to use... so I think it would be more useful to only create ONE version of Verycrypt that is able to set the iterations to 10.000 OR higher BUT in the process of creating such a volume the user gets a big fat warning that he has to click "okay".
I don't like the idea of having two versions of verycrypt, it is dividing the trust in it because now people had to compile TWO versions of the sourcecode to see if the .exes are true to the source.
So until you will be able to rewrite the bootloader to 32bit performance that would be the perfect solution, let the user decide and for the dumb users there is a huge warning. Hey, 10.000 iterations is still 10 times more than TC!
Don't split Verycrypt into two versions...
The separate Lite version is to protect the VeraCrypt name. Users who do not understand security will chose the Lite version for speed not security.
This leaves VeraCrypt full for REAL protection against a serious threat model.
10 times better than TC when TC was built many years ago does not even keep up with the rate of cracking power by adversaries.
Personally I would prefer all the people interested in speed over security to use CipherShed as I understand they may provide a weak iteration count to satisfy users with no threat model.
This discussion has been beaten to death many times, please do some basic research before reposting.
The logic is completely flawed. Veracrypt does not get weaker when it offers the possibility to use lower iterations. That is simply not true.
With that logic VC is not secure because it offers the possibility of a 1 character password. But that is just not true.
Why do people who don't need something want to take the liberty of other people away that need it when they can simply ignore it and use the higher iterations?
Do you fear that you can not trust your mind when encrypting a volume? Then check the volume details every day to see if you used SHA 512, a long password and high iterations... the problem is with YOU when you don't trust yourself and not the software that offers more possibilities.
And the name Verycrypt with your logic is damaged, too, because of the 1 character password. But it isn't. It's just an option.
Give me some logical ARGUMENTS and we can discuss.
Beating to death at this thread:
http://veracrypt.codeplex.com/discussions/577023
Most people are on the side to let the user decide if he wants high or low iterations. The software does not get insecure by letting the user decide.
You have just made the case for higher iterations.
You need to read what they do and why they are important.
You are just trolling now. There are only about 3 individual people making this request but they are disproportionally represented in the request section.
A clear case of choosing speed over security, VeraCrypt is not the appropriate encryption software for you.
I suggest you read and learn from this thread.
https://veracrypt.codeplex.com/discussions/577023
You need to study brute force protection.
There are reasons the lower limit is available, it is used for other things.
Likewise LOL
People more intelligent than yourself attempted to argue this case, they were defeated in the link above.
VeraCypt is too secure for your needs, choose a weaker product.
Like the title says....
Open source disk encryption with strong security for the Paranoid
You clearly do not face a threat model significant enough to induce paranoia, use CipherShed or Bitlocker.
read this tweet from Veracrypt's official Twitter account.
https://twitter.com/VeraCrypt_IDRIX/status/555283740394782720?s=01
I created a new VC volume and selected SHA-256 as hash and the mount speed was faster, about 50% faster. I suggest using SHA-256 if you want it fast and secure.
This way there's NO NEED to reduce iterations and at the same time we're all using the same and only full version of Veracrypt and not making Mounir Idrassi create a fork of a fork.
Maybe it would be a good solution and if explained well so that people who can't wait uses it, would reduce complaints and 'the need' for another version. I prefer one full version with complete and inmediate suport than two.
I also want to say thanks to Mounir for dedicating so much time and efforts on this project. It's a better reality now, a guy that's continously working on it, that answers back, that accepts suggestion, that we all know. We did not have this with the people that developed Truecrypt so let's not abuse of his time and resources.
I don't know if there's a hash algorithm that would be safe and faster than SHA-256. If it exists, adding it and explaining it and telling people that it is faster would help.
With ONE and only full version of Veracrypt.
Copy and paste from Codeplex forum.
"You need to study brute force protection."
First of all: stop thinking that you are god and everybody not beeing on the same side is dumb and unintelligent, okay? If you are that arrogant all the time nobody wants to discuss with you and honestly that is a shitty way of talking to other people, be polite! Thank you!
My statement "Veracrypt does not get weaker when it offers the possibility to use lower iterations." is completely true when you are able to understand it correctly and don't try to understand it wrong.
"There are reasons the lower limit is available, it is used for other things."
Ooooooh, and I thought that you should not make ANY compromise with security? You are a hyprocite! Decide for one side! Eat this: There are reasons the lower iteration option is availabe, it is used for people that have a strong password but need fast access to their laptop when doing business work.
""Why do people who don't need something want to take the liberty of other people away that need it"
Likewise LOL"
I don't want to take the option away to use higher iterations...
"People more intelligent than yourself attempted to argue this case, they were defeated in the link above."
Simply rude.
"VeraCypt is too secure for your needs, choose a weaker product."
And you think when you repeat these "wise" words you are doing anybody a favor? There are thousands of reasons why it makes more sense to use Veracrypt instead of other products although you want to use lower iterations.
"You clearly do not face a threat model significant enough to induce paranoia, use CipherShed or Bitlocker."
Don't tell me what to do, thank you very much! But I guess I am not intelligent enough to talk with you, it is funny you say that there are only 3 people requesting the lower iteration feature when there are at max 2 people trying to avoid this feature in the sourceforge forum. One of them is L0ck which I guess is you...
My guess is that over 70 percent of the Veracrypt users right now wishes the options for lower iterations. Again my question: can you give me LOGICAL arguments against such an option? You did not give me any...
The only reason against lower iteration options I could think of and found in the other discussion is the following:
Dumb people could accidentally (after 3 big fat warnings you have to click okay) use lower iteration and think they are fortknox safe against bruteforce with a weak password.
The image of Veracrypt could be damaged. That is bullshit because then the 1 character password (does not matter if there is any need for them, in your logic just the option is unsafe) would damage the image even harder... also TC has 1000 iterations and VC would have at least 10.000 or 30.000 which is 10 to 30 times better than TC. You could also argue that even 500.000 iterations would be too less, cause "dont give up security for speed!!!!11111" and you want to wait 5 hours until you realize you typed the wrong 64 character password in...
Malware could change the iteration count in the background without the user knowing. Well, if that is the case the malware could also read the data, probably read out the password and do much more efficient attacks on the drive than this "attack".
More code is giving the possibility for more bugs and this makes the software less secure. Well, that is bullshit, too, with that mindset you could not give Veracrypt ANY feature at all and changing the iteration number and creating a little menu to change the option is such a small fraction of the code...
You see, I really try to understand you but when looking at the facts objectively of both sides I am still convinced that given the user the option of choosing the iteration count with a minimum of 10.000 or 30.000 iterations is not making the software any weaker but a lot more userfriendly for those that need it!
But in life we have to make compromises and the idea to create a static and dynamic mode for the iterations is great and I would like that very much! Please do that, Mounir, then eveybody (except close minded people) would be happy!
Oh and by the way: I would call myself paranoid, too, you do not want to know what security systems I have installed in my apartment... but these systems have a nice analogy to Veracrypt: to be able to get in my apartment within 10 seconds but still beeing relatively secure I can not allow to have 20 EVVA MCS locks at my 5 steel doors and a 10 minute safety waiting period to get it. That would be totally unpractical.
To be honest I am surprised your petulant foot-stamping and personal insults, including swearing, managed to get past the moderation.
You have just lost all credibility and are therefore irrelevant to this discussion.
Most of your figures are guesses and speculation. All your points were addressed and defeated in this thread. You have brought nothing new.
https://veracrypt.codeplex.com/discussions/577023
Creating new user names on the forum and constantly whimpering about the result here, will have no effect.
32bit bootloader will help to ease your impatience, I suggest you place equal effort into encouraging that feature implementation as you do to whining about the excellent brute force protection we currently enjoy.
I accept your capitulation. You may be no wiser but you have certainly been better informed.
Are we in kindergarden now? I am insulting YOU?
"People more intelligent than yourself attempted to argue this case, they were defeated in the link above.
[...]
VeraCypt is too secure for your needs, choose a weaker product."
Instead of giving arguments you only come up with the same topic link I already completely read and conspiracy theories, I have not a single account on the other forums where veracrypt is discussed, so it is very likely that there are a lot of people out there that want less iterations and not only one person that creates douzens of accounts...
Is it so hard for you to repeat how you "defeated" all my points? Give me the short form, don't be lazy and flee from a discussion, I am open-minded and when your bring up good arguments I might change my mind!
We do not need a splitted veracrypt community! We need to stay together!
And when you accept the option of static and dynamic iterations like Mounir proposed then we already have a solution!
Let's all go back to constructive exchanges and leave personal attacks and comments behind. I believe most of participants have good intentions towards VeraCrypt security and because of the strong positions of each, the heated debate may spin out of control. That's why I will delete any further posts that I deem non-constructive.
I want to reassure everybody that there is a place for everyone in the VeraCrypt community. Concerning the configuration capability asked for those who wish to speed things up, it will be available but as an extra download: either through a "VeraCrypt Lite" distribution or as an "addon" installable above the main VeraCrypt install and that will be clearly visible in the GUI.
Any thoughts about the new addon proposal?
The addon is a nice idea, seems better than "VeraCrypt Lite". I'd like to read more about those GUI changes, though.
Mrere
Mounir, I still prefer your original idea of Static Mode (which will be the default with the current iteration settings) and Dynamic Mode for user selection range to allow slower/faster mount times than the users having to download the addon.
I am proposing that the Dynamic Mode allow both lower and higher range values than the Static Mode.
I agree with you Mounir that having Static and Dynamic will not ruin VeraCrypt's security reputation no more than currently allowing a one character password with one warning message during the creation of volume or no password with one keyfile with no warning message during the volume creation has not damaged TrueCrypt's reputation as a strong encryption utility.
The user should have the various options based on their specific needs as to password length, keyfiles and Static or Dynamic Mode for iterations.
To me, the Dynamic Mode addon and VeraCrypt Lite proposals are unnecessary. Allow the user to select either Static or Dynamic.
Mounir, based on the heated discussion on both threads and participants pro/con to Dynamic Mode unable to reach a compromise on the various solutions will require you to make a decision that is guaranteed to not please everyone. Sometimes, you have to go with the idea that you think is the best approach.
What do you estimate the number of hours to complete each of the following?
This would help the community prioritize the options based on the work effort. You have stated that the 32-bit bootloader will reduce the system volume mount duration by 2 or 3 times. For 64-bit OS's, will there be another reduction for system volume mount duration by 2 or 3 times over the 32-bit bootloader?
I want to thank you again Mounir for being open minded about these issues.
Edited to include VeraCrypt Lite as unnecessary.
Last edit: Enigma2Illusion 2015-01-18
Yes, I suggest you leave it until after the 32bit boot-loader has been created.
I doubt many but the most impatient user would mind the short delay in booting when the new boot-loader is installed.
Saving time not creating the weaker iteration Lite addon, will allow for more time to work on the new boot-loader which helps everyone.
If you are not going to create a clearly separate Lite version you need plenty of pop up windows and warnings. It is VeraCrypt's responsibility to warn the user they have weakened their protection and it is something not considered safe by VeraCrypt. If it was considered safe VeraCrypt would have had the same number TrueCrypt did, nothing has changed to justify an iteration drop, quite the contrary in fact.
You also need to consider malicious tampering, someone swapping the full VeraCrypt with a crippled Lite one. The 2 products need to be very distinctive, slipping in deliberate iteration weakening via an addon might become an attack option.
I was all for VeraCrypt Lite or addon a week ago, however the speed increases offered by the new boot-loader should remove the necessity for the Lite version altogether.
Don't forget, CipherShed will "hopefully" be released by then, Mrere can choose to employ it instead of VeraCrypt if the new boot loader does not meet his speed demands.
You are clearly impatient by nature. You are 1 of possibly 2 or 3 people who complained about the boot time delay out of the thousands of users. You are also too impatient to read and understand the link provided.
I find it odd you take the time to troll the forum and sourceforge and yet you require immediate access to your drive.
I do not think we should be taking much note of requests by users such as yourself. Your priorities are not compatible with the main aims of VeraCrypt.
However, as the new boot-loader will provide a significant speed increase without weakening security, I suggest you give it a try when it is released.
To better identify my posts I will give myself a name now: Freeman.
I will be perfectly pleased when the 32bit bootloader is out there and then I don't see the need for lower iterations (as long as the boot time is under 20 seconds with good hardware and AES + SHA512 bit...)
But how long will it need for the new bootloader to be released? If it is more than one month I think the Addon will be the best solution. Make L0ck happy and display a big fat warning the user has to click okay when installing the addon.
What iterations will you use for the lowest setting then? 10.000? What about the idea of using a static and a dynamic mode?
OFFTOPIC: VeraCrypt does not officially support Windows 8.1, why? Will there be an option to convert TC system partitions to VC system partitions?
Freeman
Hi Freeman,
Windows 8.1 is supported. Where did you see that it is no officially supported.
Converting TC system partitions can be tricking if the system is running since the TC driver is handling all read/write operations. Implementing the conversion in offline more is not always feasible. That's why I'm not going to implement this.
Enigma2Illusion
I'm sorry, I can't find where Mounir said that.
However I did notice this....
Mounir
.....
Mounir
The quotes above seem to contradict Enigma2Illusion's claim.
The discussion has been over for some time on the forum, you and Mrere need to accept that. A conclusion was reached, there is little point continuing to complain you didn't like the result.
http://sourceforge.net/p/veracrypt/discussion/features/thread/ec4a617c/#a2e2
Mounir asked for additional feedback for his latest proposal of a downloadable addon and I provided Mounir with my feedback for the addon and gave my assessment of the iteration issue. I am not complaining. In my opinion Mounir will need to take a stand on the iteration issue and announce his decision which is not going to please everyone given that no agreement on the various solutions for pro/con of the Dynamic Mode can be reached.
Edited to fix grammar errors.
Last edit: Enigma2Illusion 2015-01-19
Thank you Enigma2Illusion for your previous post. I like this type of calm, professional and constructive posts and I'll prepare an adequate answer.
Since I started VeraCrypt, I have chosen paranoid level of iteration to give a fixed strength for the coming years. The configuration idea is something new and useful for a certain category of users and I'm willing to add in a form or another.
I'll post more details at the end of this very long thread...I didn't imagine that this subject will so controversial!!