diff --git a/doc/chm/VeraCrypt User Guide.chm b/doc/chm/VeraCrypt User Guide.chm index 47a9fc0c..976ee1a4 100644 Binary files a/doc/chm/VeraCrypt User Guide.chm and b/doc/chm/VeraCrypt User Guide.chm differ diff --git a/doc/chm/en/VeraCrypt.hhc b/doc/chm/en/VeraCrypt.hhc index 3c2223c7..bf6f0bfc 100644 --- a/doc/chm/en/VeraCrypt.hhc +++ b/doc/chm/en/VeraCrypt.hhc @@ -207,6 +207,20 @@ +
  • + + + +
  • diff --git a/doc/chm/en/VeraCrypt.hhp b/doc/chm/en/VeraCrypt.hhp index 50f3c93e..3df7306d 100644 --- a/doc/chm/en/VeraCrypt.hhp +++ b/doc/chm/en/VeraCrypt.hhp @@ -13,6 +13,7 @@ Title=VeraCrypt User Guide Acknowledgements.html Additional Security Requirements and Precautions.html AES.html +Argon2id.html arrow_right.gif Authenticity and Integrity.html Authors.html @@ -90,6 +91,7 @@ Incompatibilities.html Introduction.html Issues and Limitations.html Journaling File Systems.html +Key Derivation Algorithms.html Keyfiles in VeraCrypt.html Keyfiles in VeraCrypt_Image_040.gif Keyfiles.html @@ -111,6 +113,7 @@ Notation.html Paging File.html Parallelization.html paypal_30x30.png +pbkdf2.html Personal Iterations Multiplier (PIM).html Personal Iterations Multiplier (PIM)_VeraCrypt_ChangePIM_Step1.png Personal Iterations Multiplier (PIM)_VeraCrypt_ChangePIM_Step2.png diff --git a/doc/html/en/Argon2.html b/doc/html/en/Argon2id.html similarity index 98% rename from doc/html/en/Argon2.html rename to doc/html/en/Argon2id.html index 73b72a80..73f3845b 100644 --- a/doc/html/en/Argon2.html +++ b/doc/html/en/Argon2id.html @@ -28,7 +28,7 @@

    Documentation >> -Hash Algorithms +Key Derivation Algorithms >> Argon2id

    @@ -171,5 +171,4 @@ For more information about PIM values and their effect on Argon2id parameters, s Personal Iterations Multiplier (PIM) section. -

    Next Section >>

    diff --git a/doc/html/en/Documentation.html b/doc/html/en/Documentation.html index d4fc0559..2ebf6bb8 100644 --- a/doc/html/en/Documentation.html +++ b/doc/html/en/Documentation.html @@ -84,6 +84,11 @@
  • BLAKE2s-256
  • SHA-256
  • SHA-512
  • Whirlpool
  • Streebog
  • +
  • Key Derivation Algorithms +
  • Supported Operating Systems
  • Command Line Usage
  • Security Model diff --git a/doc/html/en/Key Derivation Algorithms.html b/doc/html/en/Key Derivation Algorithms.html new file mode 100644 index 00000000..1e222f9b --- /dev/null +++ b/doc/html/en/Key Derivation Algorithms.html @@ -0,0 +1,51 @@ + + + + + +VeraCrypt - Free Open source disk encryption with strong security for the Paranoid + + + + + +
    +VeraCrypt +
    + +
    +

    +Documentation +>> +Key Derivation Algorithms +

    +
    +

    Key Derivation Algorithms

    + +
    +A key derivation function (KDF) transforms your password (and optional keyfiles) into cryptographic keys used to decrypt a VeraCrypt volume header. KDFs slow down brute-force attacks and protect against precomputation by incorporating a large random salt and a tunable work factor (e.g., iterations, memory). +
    + +

    Available Algorithms in VeraCrypt

    +
      +
    • +Argon2id: A modern, memory-hard KDF (based on BLAKE2b internally). Recommended for new volumes. No separate hash selection is required. +
    • +
    • +PBKDF2-HMAC: A widely deployed KDF that uses HMAC with a selectable hash function. Supported HMAC hashes in VeraCrypt: +SHA-512, SHA-256, Whirlpool, BLAKE2s-256, and Streebog. +
    • +
    + + +
    +
    diff --git a/doc/html/en/pbkdf2.html b/doc/html/en/pbkdf2.html new file mode 100644 index 00000000..9b94621b --- /dev/null +++ b/doc/html/en/pbkdf2.html @@ -0,0 +1,80 @@ + + + + + +VeraCrypt - Free Open source disk encryption with strong security for the Paranoid + + + + + +
    +VeraCrypt +
    + +
    +

    +Documentation +>> +Key Derivation Algorithms +>> +PBKDF2 +

    +
    +

    PBKDF2

    + +
    +PBKDF2 (Password-Based Key Derivation Function 2) is a widely used KDF that applies a pseudorandom function (HMAC) repeatedly to slow down password guessing. In VeraCrypt, PBKDF2 is available with several HMAC hash functions and is used to derive the keys that decrypt a volume header. +
    + +

    PBKDF2-HMAC Variants Supported in VeraCrypt

    + + +

    Parameters in VeraCrypt

    + +

    Salt

    +
    +A 512-bit random salt (stored in the volume header) is mixed into the password to prevent precomputation and rainbow-table attacks. +
    + +

    Iteration Count

    +
    +The number of PBKDF2 iterations depends on the selected HMAC hash, the context (e.g., system vs. non-system encryption), and the PIM value. Increasing PIM increases the iteration count and thus the time required to derive keys. For exact values and formulas, see Header Key Derivation, Salt, and Iteration Count. +
    + +

    Output Length

    +
    +The derived key length depends on the selected encryption algorithm(s) (e.g., 256 bits for AES-256, 768 bits for AES-Twofish-Serpent cascades). +
    + +

    Advantages and Considerations

    +
      +
    • Broad compatibility: PBKDF2 is widely supported across platforms and environments.
    • +
    • Low memory requirements: Suitable for constrained systems.
    • +
    • Not memory-hard: Compared to Argon2id, PBKDF2 offers less resistance to attacks using massively parallel hardware (GPUs/ASICs). Consider raising PIM if you must use PBKDF2.
    • +
    + +

    Related Topics

    + +
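Review bot: In doc/chm/en/VeraCrypt.hhp the new entry `pbkdf2.html` is all lowercase, while the two other entries added in the same file (`Argon2id.html`, `Key Derivation Algorithms.html`) and the surrounding list use capitalised page names. Suggest naming the page `PBKDF2.html` in both the .hhp list and doc/html/en, so that links do not depend on a case-insensitive file system.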
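Review bot: The rename of doc/html/en/Argon2.html to Argon2id.html leaves nothing at the old file name, and the two hunks shown for that file only change the breadcrumb (`-Hash Algorithms` to `+Key Derivation Algorithms`) and one line near the "Next Section" link. Please confirm that every remaining reference to `Argon2.html` (other English pages, the .hhc contents file, translated documentation) is updated in this commit, or keep a stub page at the old name that points to Argon2id.html.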
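Review bot: In the new Key Derivation Algorithms.html, the Argon2id bullet says "Recommended for new volumes" without any compatibility note. Suggest adding a sentence stating from which VeraCrypt version Argon2id volumes can be mounted, so that readers who share volumes with older installations know when PBKDF2-HMAC is still the right choice. A smaller style point in the same list: the PBKDF2 hashes are given as "SHA-512, SHA-256, Whirlpool, BLAKE2s-256, and Streebog", while the hash list in Documentation.html reads BLAKE2s-256, SHA-256, SHA-512, Whirlpool, Streebog; use one order in both places.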
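Review bot: In the new pbkdf2.html, the "Output Length" paragraph gives "256 bits for AES-256, 768 bits for AES-Twofish-Serpent cascades", which counts only the primary header key. VeraCrypt uses XTS mode, where a secondary header key of the same length is derived as well, so the amount of key material PBKDF2 actually produces is twice those figures. Suggest either stating the totals or saying explicitly that the numbers exclude the XTS secondary key, and checking the wording against the "Header Key Derivation, Salt, and Iteration Count" page that the Iteration Count paragraph already points to. In the "Salt" paragraph, "mixed into the password" would also read more accurately as the salt being a separate input to PBKDF2.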