![]() For example, a header key for the AES-256 cipher is always 256 bits long even if HMAC-RIPEMD-160 is used (in XTS mode, an additional 256-bit secondary header key is used hence, two 256-bit keys are used for AES-256 in total).ĭecryption is considered successful if the first 4 bytes of the decrypted data contain the ASCII string “VERA”, and if the CRC-32 checksum of the last 256 bytes of the decrypted data (volume header) matches the value located at byte #8 of the decrypted data (this value is unknown to an adversary because it is encrypted – see the section VeraCrypt Volume Format Specification). The length of the derived key does not depend on the size of the output of the underlying hash function. The header key derivation function is based on HMAC-SHA-512, HMAC-SHA-256, HMAC-RIPEMD-160, or HMAC-Whirlpool (see ) – the user selects which. The salt consists of random values generated by the VeraCrypt random number generator during the volume creation process. This significantly decreases vulnerability to 'off-line' dictionary/'rainbow table' attacks (pre-computing all the keys for a dictionary of passwords is very difficult when a salt is used). In other words, the HEADER is not the HASH itself from which the key is compared with.Įdit: The documentation explains how the Header Key Derivation is done:ġ2-bit salt is used, which means there are 2512 keys for each password. To Decrypt the HEADER, the correct password must generate a HEADER KEY (two keys, actually) using a derivation function from the selected HASH Algorithm. Those Master Keys were created using RNG based on the HASH. Reading the documentation, this is what I understood (please, feel free to correct me if I’m wrong):įor simplification’s sake, let’s consider a non-system volume, no hidden volumes and no Cascade.Īn encrypted HEADER is generated containing two Master Keys (Primary and Secondary). ![]() I’m a layman in security and was trying to understand how hashes and encryption algorithms are used in Veracrypt/Truecrypt.
0 Comments
Leave a Reply. |