So the randomness is used to have harder to reproduce noise as randomness, and it would make sense if the randomness is used to derive the volume data key (the key that encrypts the entire volume). That randomness can then be thrown away since the volume data key will be stored in the volume header.
IIUC, the volume header contains the volume data key, as well as other metadata like presumably where the root is, etc.
Is the volume header in itself entirely encrypted or does it have clear parts and encrypted parts?
I stumbled across this because when I was changing my volume password, it queried me for the random pool again.
I don't understand why, and GPT says that it is to generate a random salt for the derivation of the volume header key, in case the entropy of the password wouldn't be enough, but that doesn't make sense, since if we introduce randomness here that salt would have to be stored in clear, defeating its purpose.
The random pool is also not used to rederive the volume data key, since the volume isn't re-encrypted with a different key on password change, so why does it prompt me for random mouse movements on password change?
You should really have a look at the documentation. As far as I can tell, all your questions should be covered by it. A good starting point would be the following link, which contains links to further information.
https://veracrypt.fr/en/Creating%20New%20Volumes.html
Greets
Edit: typo
Last edit: RealTehreal 2024-03-07
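Added example (not part of the thread and not VeraCrypt's own code): a simplified Python model of the header key / volume data key split discussed above, in which a password change re-wraps the same data key under a freshly generated salt without touching the data key itself. The SHA-512 keystream (a toy stand-in for the real header cipher), the `MAGIC` marker, the low iteration count and all function names are assumptions made for the demo.

```python
import hashlib
import hmac
import os

ITERATIONS = 1000   # assumption: kept low so the demo runs quickly
SALT_LEN = 64       # salt is stored unencrypted at the start of the header
MAGIC = b"HDR1"     # constructed marker used to detect a wrong password


def _keystream(key: bytes, n: int) -> bytes:
    # Toy stand-in for the header cipher: SHA-512 in counter mode.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha512(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def seal_header(password: bytes, data_key: bytes) -> bytes:
    """Wrap the data key under a header key derived from password + new salt."""
    salt = os.urandom(SALT_LEN)  # fresh randomness is consumed here
    header_key = hashlib.pbkdf2_hmac("sha512", password, salt, ITERATIONS)
    body = MAGIC + data_key
    return salt + _xor(body, _keystream(header_key, len(body)))


def open_header(password: bytes, header: bytes) -> bytes:
    """Re-derive the header key from the clear salt and unwrap the data key."""
    salt, enc = header[:SALT_LEN], header[SALT_LEN:]
    header_key = hashlib.pbkdf2_hmac("sha512", password, salt, ITERATIONS)
    body = _xor(enc, _keystream(header_key, len(enc)))
    if not hmac.compare_digest(body[:len(MAGIC)], MAGIC):
        raise ValueError("wrong password")
    return body[len(MAGIC):]


def change_password(old: bytes, new: bytes, header: bytes) -> bytes:
    """Only the header is rewritten; the data key (and the volume) stay as is."""
    return seal_header(new, open_header(old, header))
```

The salt being readable does not weaken the wrap in this model: it only ensures that two headers sealed with the same password use different header keys, so a table of derived keys computed once cannot be reused across headers.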