Slashdot Mirror


VeraCrypt Is the New TrueCrypt -- and It's Better

New submitter poseur writes: If you're looking for an alternative to TrueCrypt, you could do worse than VeraCrypt, which adds iterations and corrects weaknesses in TrueCrypt's API, drivers and parameter checking. According to the article, "In technical terms, when a system partition is encrypted, TrueCrypt uses PBKDF2-RIPEMD160 with 1,000 iterations. For standard containers and other (i.e. non system) partitions, TrueCrypt uses at most 2,000 iterations. What Idrassi did was beef up the transformation process. VeraCrypt uses 327,661 iterations of the PBKDF2-RIPEMD160 algorithm for system partitions, and for standard containers and other partitions it uses 655,331 iterations of RIPEMD160 and 500,000 iterations of SHA-2 and Whirlpool, he said. While this makes VeraCrypt slightly slower at opening encrypted partitions, it makes the software a minimum of 10 and a maximum of about 300 times harder to brute force."

4 of 220 comments

  1. Re:Oblig xkcd by Will_Malverson · Score: 5, Interesting

    I've posted this before, but I want to get this idea out there:

    Here's how to make your password truly secure, if you really have something you want to hide:

    1) Get fifty dollar bills. Maybe get some fives and tens mixed in with them. Total cost less than $100.

    2) Shuffle them into a random order.

    3) Set your Truecrypt (or Veracrypt, or whatever) password to be the hundred-digit number formed by taking the two least significant digits of the bills' serial numbers, in order.

    4) Keep the stack of cash next to your computer, and make sure you don't let it get out of order. If you lose - or even just drop - the stack, it's game over. If/when you find yourself starting to remember the password and able to enter it without referring to the stack, shuffle the stack and change your password.

    5) If an adversary raids your house, chances are that the stack of cash will simply vanish into a pocket. And if that doesn't happen, odds are pretty good that the stack will be scrambled, especially if there are different denominations mixed in.

    6) At this point, your password is well and truly gone. No amount of rubber hose cryptography can bring it back.

    7) The best part about this plan is you don't have to actually do it. Your password can be your dog's name, as long as you're willing to stick to your story - and it helps if you actually keep a stack of cash next to your computer - that you did steps 1-4.

  2. Re:You'll give them the password by Boronx · Score: 5, Interesting

    Never make a deal with a prosecutor without a judge-approved plea bargain.

    A coworker was in a car accident with her sister driving. The prosecutor told her sister: "We're charging you with reckless driving. Just plead guilty and you'll get off with a small fine. I'll ask the judge to be lenient."

    They charged her with assault on her own sister. Confused, she pled guilty anyway, like she said she would. The prosecutor asked for the maximum penalty which includes jail time, and got it.

  3. Re:don't get it by craigm4980 · Score: 3, Interesting

    You're doing it wrong. It's trivial to set up PBKDF2-RIPEMD160 rainbow tables just as with any other encryption or hashing algorithm. You're still going to try decrypting the same root directory block with the IKs until you get back a valid block, at which time you can decrypt the whole volume with the IK and do a reverse lookup to get the original password as a bonus.

    Just use a salt, and that problem is solved. It forces you to incur the full cost for every different drive (making the tables useless). A reverse hash table for all possible 160 bit outputs wouldn't fit in the observable universe, so that's not a real threat.
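
The salt argument in the comment above, together with the iteration counts from the story summary, as an added example that is not part of the thread or of either project's code. It assumes SHA-512 for "SHA-2", a 64-byte per-volume salt, and a constructed candidate list; an all-zero salt models the unsalted case.

```python
import hashlib
import os

# Iteration counts quoted in the story summary; SHA-512 stands in for "SHA-2" (assumption).
TRUECRYPT_ITERATIONS = 1_000
VERACRYPT_ITERATIONS = 500_000
SALT_LEN = 64  # assumed per-volume salt size for this sketch


def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA512 header key for one volume."""
    return hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations, dklen=64)


def precompute(candidates, salt: bytes, iterations: int) -> dict:
    """Derived-key -> password table; it is only valid for this exact salt."""
    return {derive_key(p, salt, iterations): p for p in candidates}


def lookup(table: dict, volumes) -> list:
    """Try to reuse one table against several (salt, header_key) volumes."""
    return [table.get(key) for _salt, key in volumes]


def make_volumes(password: str, iterations: int, count: int, shared_salt=None):
    """Constructed sample volumes: a fixed salt models 'no salt', None draws a fresh one each."""
    volumes = []
    for _ in range(count):
        salt = shared_salt if shared_salt is not None else os.urandom(SALT_LEN)
        volumes.append((salt, derive_key(password, salt, iterations)))
    return volumes


def kdf_iterations_needed(volumes, n_candidates: int, iterations: int) -> int:
    """Total PBKDF2 iterations to test every candidate against every volume."""
    distinct_salts = len({salt for salt, _key in volumes})
    return distinct_salts * n_candidates * iterations


if __name__ == "__main__":
    words = ["rex", "hunter2", "letmein", "fido"]  # constructed candidate list
    fixed = bytes(SALT_LEN)
    table = precompute(words, fixed, TRUECRYPT_ITERATIONS)
    unsalted = make_volumes("fido", TRUECRYPT_ITERATIONS, 3, shared_salt=fixed)
    salted = make_volumes("fido", TRUECRYPT_ITERATIONS, 3)
    print("shared salt :", lookup(table, unsalted))  # one table covers every volume
    print("random salts:", lookup(table, salted))    # the same table matches nothing
    for it in (TRUECRYPT_ITERATIONS, VERACRYPT_ITERATIONS):
        print(it, "iterations ->", kdf_iterations_needed(salted, len(words), it))
```

With a shared salt one table serves every volume; with per-volume salts the work scales with the number of volumes, and the iteration count multiplies that cost again.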

  4. Re:CipherShed by AmiMoJo · Score: 3, Interesting

    I'm more inclined to trust CipherShed at this point. That code has been audited, we know there are some potential issues but nothing major. In fact we know it is good enough for the NSA to try to shut it down, which only adds credibility.

    The changes in VeraCrypt might be improvements, but they might also introduce issues. The further it gets from TrueCrypt the more potential there is for things to go wrong.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC