Activity for Robert J
-
Robert J posted a comment on discussion Technical Topics
By the way, how can you tell what the default number has been for UEFI system encryption? I don't know if it's been 200000 or 500000 for SHA-512 / Whirlpool / Streebog. It should be in the source code but I don't know where to find it inside.
-
Windows Event Viewer only shows minor notifications from VeraCrypt that do not seem to be related to the errors I encountered. I have no system-favorite volumes, and the Event Viewer's only information suggests that VeraCrypt is sending out notifications every time my system boots up without mounting any favorite volumes.
-
Oh, I didn't realize that MBR has those restrictions. Thanks for the help with this ticket!
-
Do you know if it's a linear change, like if I go from 500,000 to 1,000,000, will it be just about 2x as long, or will it be some kinda huge logarithmic time?
-
Newer versions of VeraCrypt do support HMAC-SHA-512 / Whirlpool / Streebog for system encryption, I just checked and all those options are there, at least for single-boot Windows. I don't know when these were added, but versions from about four years ago only had SHA-256 / RIPEMD-160, which seems like what the documentation is accurate for. (It needs to be updated)
-
Thank you very much!
-
Is there any chance that we could see SHA-3 support for VeraCrypt in the near future? Also, I think I found a small error in the documentation: https://www.veracrypt.fr/en/Header%20Key%20Derivation.html "For system partition encryption (boot encryption), 200000 iterations are used for the HMAC-SHA-256 derivation function and 327661 iterations are used for HMAC-RIPEMD-160." Shouldn't this include all "HMAC-SHA-512, HMAC-SHA-256 and HMAC-Whirlpool" for the 200000 section, rather than just HMAC-SHA-256?...
-
If I increase my number of iterations, will it slow down read/writing, or just the initial decryption process? I'm considering increasing my amount soon. Also, is there any way to quantify how much more entropy is added by increasing iterations? I've read a variety of different posts on this, but nobody seems to explain their reasoning behind any of their numbers.
-
Is there any chance that we could see SHA-3 support for VeraCrypt in the near future? Also, I think I found a small error in the documentation: https://www.veracrypt.fr/en/Header%20Key%20Derivation.html "For system partition encryption (boot encryption), 200000 iterations are used for the HMAC-SHA-256 derivation function and 327661 iterations are used for HMAC-RIPEMD-160." Shouldn't this include all "HMAC-SHA-512, HMAC-SHA-256 and HMAC-Whirlpool" for the 200000 section, rather than just HMAC-SHA...
-
I'll have check that tomorrow. Something to note is that I have two internal drives, and a handful of external ones. The internal ones never had issues when transferring or creating containers/volumes, but the external drives had many issues.
-
I'm on a 64-bit Windows 10 computer running the latest version of VeraCrypt, though I've never seen where to enable/disable RAM encryption within the settings. Where would I find it, or does this mean that my system isn't supporting the feature?
-
I also don't understand why having a longer password is better than a shorter one. If you have some super random 10 character long one, why is it less secure than a super random 20 character long one? Are we just assuming that a bruteforce would start from passwords of length 1 and move up, therefore running into length 10s before length 20s?
-
I'm really confused about why increasing the number of iterations has any potential to increase security. If you use an algorithm like SHA-512 or Whirlpool, and your password is sufficiently strong (~20+ characters), why would you ever need more than one iteration? If you had a system that could computer 2^512 in a quick amount of time, it would eventually run into your one single combination that would unlock your data. Doing more iterations would change which combination you have, but I don't see...
-
Since updating from 1.24 Update-6 to 1.24 Update-7 on Windows version 1909, I have had perfectly fine encrypted drives start to autodismount at random times. I believe the drives had been created with Update-5 or Update-6, one of those two, and they never had problems like this in the past. The dismounting tends to happen when copying files over to the encrypted external drives, but can also happen when browsing data that is already contained on them. This happened consistently when using different...
-
Since updating from 1.24 Update-6 to 1.24 Update-7 on Windows version 1909, I have had perfectly fine encrypted drives start to autodismount at random times. I believe the drives had been created with Update-5 or Update-6, one of those two, and they never had problems like this in the past. The dismounting tends to happen when copying files over to the encrypted external drives, but can also happen when browsing data that is already contained on them. This happened consistently when using different...
-
If you are setting up full disk encryption on Windows and create a rescue disk onto a USB drive, is it safe to eject the USB drive immediately after it creates the rescue disk? (assuming you successfully verified the rescue disk, or just skipped the verification) I just want to make sure it's safe, I wasn't sure if it should stay plugged in until the entire encryption process is completed and you're able to power off the system, or if actually leaving it the whole time might cause issues somehow...
-
Another quick thing I had wanted to say - if VeraCrypt has some way to manage all areas marked as bad, either by trying to encrypt it, or write random data or some sequence of 0's and/or 1's to all the bad blocks, doing so would immediately solve this potential problem. I'm not even sure if this is possible, though, because drives might forbid and even hide areas that are marked as corrupted. Again, I just don't know about this, but it seems like a potential problem that might be serious.
-
Hello everyone. My questions pertain specifically to flash drive and SSD technologies (for example, if you store data on a thumb drive or an internal/external SSD), though other users could potentially find this information very important for hard drives as well. Here are my scenarios. Say I have just completed a full disk encryption on Windows (the system partition or entire system drive), or I have just completed encrypting a non-system partiton/drive, what happens if any of the blocks on the drive...
-
Hello everyone. My questions pertain specifically to flash drive and SSD technologies (for example, if you store data on a thumb drive or an internal/external SSD), though other users could potentially find this information very important for hard drives as well. Here are my scenarios. Say I have just completed a full disk encryption on Windows (the system partition or entire system drive), or I have just completed encrypting a non-system partiton/drive, what happens if any of the blocks on the drive...
-
Hello everyone. My questions pertain specifically to flash drive and SSD technologies (for example, if you store data on a thumb drive or an internal/external SSD), though other users could potentially find this information very important for hard drives as well. Here are my scenarios. Say I have just completed a full disk encryption on Windows (the system partition or entire system drive), or I have just completed encrypting a non-system partiton/drive, what happens if any of the blocks on the drive...
1
