Documentation: Add entry about KDF, PBKDF2.

doc/chm/en/VeraCrypt.hhc

@@ -207,6 +207,20 @@
 			<param name="Local" value="Streebog.html">
 			</OBJECT>
 	</UL>
+	<LI> <OBJECT type="text/sitemap">
+		<param name="Name" value="Key Derivation Algorithms">
+		<param name="Local" value="Key Derivation Algorithms.html">
+		</OBJECT>
+	<UL>
+		<LI> <OBJECT type="text/sitemap">
+			<param name="Name" value="Argon2id">
+			<param name="Local" value="Argon2id.html">
+			</OBJECT>
+		<LI> <OBJECT type="text/sitemap">
+			<param name="Name" value="PBKDF2">
+			<param name="Local" value="pbkdf2.html">
+			</OBJECT>
+	</UL>
 	<LI> <OBJECT type="text/sitemap">
 		<param name="Name" value="Supported Operating Systems">
 		<param name="Local" value="Supported Operating Systems.html">

doc/chm/en/VeraCrypt.hhp

@@ -13,6 +13,7 @@ Title=VeraCrypt User Guide
 Acknowledgements.html
 Additional Security Requirements and Precautions.html
 AES.html
+Argon2id.html
 arrow_right.gif
 Authenticity and Integrity.html
 Authors.html
@@ -90,6 +91,7 @@ Incompatibilities.html
 Introduction.html
 Issues and Limitations.html
 Journaling File Systems.html
+Key Derivation Algorithms.html
 Keyfiles in VeraCrypt.html
 Keyfiles in VeraCrypt_Image_040.gif
 Keyfiles.html
@@ -111,6 +113,7 @@ Notation.html
 Paging File.html
 Parallelization.html
 paypal_30x30.png
+pbkdf2.html
 Personal Iterations Multiplier (PIM).html
 Personal Iterations Multiplier (PIM)_VeraCrypt_ChangePIM_Step1.png
 Personal Iterations Multiplier (PIM)_VeraCrypt_ChangePIM_Step2.png

doc/html/en/Argon2id.html

@@ -28,7 +28,7 @@
 <p>
 <a href="Documentation.html">Documentation</a>
 <img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
-<a href="Hash%20Algorithms.html">Hash Algorithms</a>
+<a href="Key%20Derivation%20Algorithms.html">Key Derivation Algorithms</a>
 <img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
 <a href="Argon2id.html">Argon2id</a>
 </p></div>
@@ -171,5 +171,4 @@ For more information about PIM values and their effect on Argon2id parameters, s
 Personal Iterations Multiplier (PIM)</a> section.
 </div>
 
-<p><a href="SHA-256.html" style="text-align:left; color:#0080c0; text-decoration:none; font-weight:bold">Next Section &gt;&gt;</a></p>
 </div><div class="ClearBoth"></div></body></html>

doc/html/en/Documentation.html

@@ -84,6 +84,11 @@
 <li><a href="BLAKE2s-256.html">BLAKE2s-256</a>
 </li><li><a href="SHA-256.html">SHA-256</a> </li><li><a href="SHA-512.html">SHA-512</a> </li><li><a href="Whirlpool.html">Whirlpool</a>
 </li><li><a href="Streebog.html">Streebog</a></li></ul>
+</li><li><strong><a href="Key%20Derivation%20Algorithms.html">Key Derivation Algorithms</a></strong>
+<ul>
+<li><a href="Argon2id.html">Argon2id</a></li>
+<li><a href="PBKDF2.html">PBKDF2</a></li>
+</ul>
 </li><li><strong><a href="Supported%20Operating%20Systems.html">Supported Operating Systems</a></strong>
 </li><li><strong><a href="Command%20Line%20Usage.html">Command Line Usage</a></strong>
 </li><li><strong><a href="Security%20Model.html">Security Model</a></strong>

doc/html/en/Key Derivation Algorithms.html

@@ -0,0 +1,51 @@
+<!DOCTYPE html>
+
+<html lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>VeraCrypt - Free Open source disk encryption with strong security for the Paranoid</title>
+<meta name="description" content="VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files."/>
+<meta name="keywords" content="encryption, security"/>
+<link href="styles.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+<div>
+<a href="Documentation.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
+</div>
+<div id="menu">
+    <ul>
+      <li><a href="Home.html">Home</a></li>
+      <li><a href="Code.html">Source Code</a></li>
+      <li><a href="Downloads.html">Downloads</a></li>
+      <li><a class="active" href="Documentation.html">Documentation</a></li>
+      <li><a href="Donation.html">Donate</a></li>
+      <li><a href="https://sourceforge.net/p/veracrypt/discussion/" target="_blank">Forums</a></li>
+    </ul>
+</div>
+<div>
+<p>
+<a href="Documentation.html">Documentation</a>
+<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
+<a href="Key%20Derivation%20Algorithms.html">Key Derivation Algorithms</a>
+</p></div>
+<div class="wikidoc">
+<h1>Key Derivation Algorithms</h1>
+
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
+A key derivation function (KDF) transforms your password (and optional keyfiles) into cryptographic keys used to decrypt a VeraCrypt volume header. KDFs slow down brute-force attacks and protect against precomputation by incorporating a large random salt and a tunable work factor (e.g., iterations, memory).
+</div>
+
+<h3>Available Algorithms in VeraCrypt</h3>
+<ul style="text-align:left; margin-top:18px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
+<li style="text-align:left; margin-top:0px; margin-bottom:8px; padding:0px">
+<strong><a href="Argon2id.html" style="color:#0080c0; text-decoration:none">Argon2id</a>:</strong> A modern, memory-hard KDF (based on BLAKE2b internally). Recommended for new volumes. No separate hash selection is required.
+</li>
+<li style="text-align:left; margin-top:0px; margin-bottom:0px; padding:0px">
+<strong><a href="PBKDF2.html" style="color:#0080c0; text-decoration:none">PBKDF2-HMAC</a>:</strong> A widely deployed KDF that uses HMAC with a selectable hash function. Supported HMAC hashes in VeraCrypt:
+<a href="SHA-512.html" style="color:#0080c0; text-decoration:none">SHA-512</a>, <a href="SHA-256.html" style="color:#0080c0; text-decoration:none">SHA-256</a>, <a href="Whirlpool.html" style="color:#0080c0; text-decoration:none">Whirlpool</a>, <a href="BLAKE2s-256.html" style="color:#0080c0; text-decoration:none">BLAKE2s-256</a>, and <a href="Streebog.html" style="color:#0080c0; text-decoration:none">Streebog</a>.
+</li>
+</ul>
+
+
+</div>
+</div><div class="ClearBoth"></div></body></html>

doc/html/en/pbkdf2.html

@@ -0,0 +1,80 @@
+<!DOCTYPE html>
+
+<html lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>VeraCrypt - Free Open source disk encryption with strong security for the Paranoid</title>
+<meta name="description" content="VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files."/>
+<meta name="keywords" content="encryption, security"/>
+<link href="styles.css" rel="stylesheet" type="text/css" />
+</head>
+<body>
+<div>
+<a href="Documentation.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
+</div>
+<div id="menu">
+    <ul>
+      <li><a href="Home.html">Home</a></li>
+      <li><a href="Code.html">Source Code</a></li>
+      <li><a href="Downloads.html">Downloads</a></li>
+      <li><a class="active" href="Documentation.html">Documentation</a></li>
+      <li><a href="Donation.html">Donate</a></li>
+      <li><a href="https://sourceforge.net/p/veracrypt/discussion/" target="_blank">Forums</a></li>
+    </ul>
+</div>
+<div>
+<p>
+<a href="Documentation.html">Documentation</a>
+<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
+<a href="Key%20Derivation%20Algorithms.html">Key Derivation Algorithms</a>
+<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
+<a href="PBKDF2.html">PBKDF2</a>
+</p></div>
+<div class="wikidoc">
+<h1>PBKDF2</h1>
+
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding:0px">
+PBKDF2 (Password-Based Key Derivation Function 2) is a widely used KDF that applies a pseudorandom function (HMAC) repeatedly to slow down password guessing. In VeraCrypt, PBKDF2 is available with several HMAC hash functions and is used to derive the keys that decrypt a volume header.
+</div>
+
+<h3>PBKDF2-HMAC Variants Supported in VeraCrypt</h3>
+<ul style="text-align:left; margin-top:18px; margin-bottom:19px; padding:0px">
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><strong>PBKDF2-HMAC-<a href="SHA-512.html" style="color:#0080c0; text-decoration:none">SHA-512</a></strong></li>
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><strong>PBKDF2-HMAC-<a href="SHA-256.html" style="color:#0080c0; text-decoration:none">SHA-256</a></strong></li>
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><strong>PBKDF2-HMAC-<a href="Whirlpool.html" style="color:#0080c0; text-decoration:none">Whirlpool</a></strong></li>
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><strong>PBKDF2-HMAC-<a href="BLAKE2s-256.html" style="color:#0080c0; text-decoration:none">BLAKE2s-256</a></strong></li>
+<li style="text-align:left; margin:0px 0px 0px 0px; padding:0px"><strong>PBKDF2-HMAC-<a href="Streebog.html" style="color:#0080c0; text-decoration:none">STREEBOG</a></strong></li>
+</ul>
+
+<h3>Parameters in VeraCrypt</h3>
+
+<h4>Salt</h4>
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding:0px">
+A 512-bit random salt (stored in the volume header) is mixed into the password to prevent precomputation and rainbow-table attacks.
+</div>
+
+<h4>Iteration Count</h4>
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding:0px">
+The number of PBKDF2 iterations depends on the selected HMAC hash, the context (e.g., system vs. non-system encryption), and the <a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html" style="color:#0080c0; text-decoration:none">PIM</a> value. Increasing PIM increases the iteration count and thus the time required to derive keys. For exact values and formulas, see <a href="Header%20Key%20Derivation.html" style="color:#0080c0; text-decoration:none">Header Key Derivation, Salt, and Iteration Count</a>.
+</div>
+
+<h4>Output Length</h4>
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding:0px">
+The derived key length depends on the selected encryption algorithm(s) (e.g., 256 bits for AES-256, 768 bits for AES-Twofish-Serpent cascades).
+</div>
+
+<h3>Advantages and Considerations</h3>
+<ul style="text-align:left; margin-top:18px; margin-bottom:19px; padding:0px">
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><strong>Broad compatibility:</strong> PBKDF2 is widely supported across platforms and environments.</li>
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><strong>Low memory requirements:</strong> Suitable for constrained systems.</li>
+<li style="text-align:left; margin:0px 0px 0px 0px; padding:0px"><strong>Not memory-hard:</strong> Compared to <a href="Argon2id.html" style="color:#0080c0; text-decoration:none">Argon2id</a>, PBKDF2 offers less resistance to attacks using massively parallel hardware (GPUs/ASICs). Consider raising PIM if you must use PBKDF2.</li>
+</ul>
+
+<h3>Related Topics</h3>
+<ul style="text-align:left; margin-top:18px; margin-bottom:19px; padding:0px">
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><a href="Key%20Derivation%20Algorithms.html" style="color:#0080c0; text-decoration:none">Key Derivation Algorithms (overview)</a></li>
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><a href="Argon2id.html" style="color:#0080c0; text-decoration:none">Argon2id</a></li>
+<li style="text-align:left; margin:0px 0px 6px 0px; padding:0px"><a href="Header%20Key%20Derivation.html" style="color:#0080c0; text-decoration:none">Header Key Derivation, Salt, and Iteration Count</a></li>
+<li style="text-align:left; margin:0px 0px 0px 0px; padding:0px"><a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html" style="color:#0080c0; text-decoration:none">Personal Iterations Multiplier (PIM)</a></li>
+</ul>
+</div><div class="ClearBoth"></div></body></html>