Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-12-31 10:59:44 -06:00
Code Activity

Documentation: Remove XHTML spec and fix errors (#1547)

Browse Source 
* Documentation: Remove XHTML spec and fix errors
None of the docs follow the XHTML specification, which means
that programs that expect this (such as Gnome Web) as it is advertised
as such, will completely fail to parse it as it is incorrect syntax. So
it is removed.

* Remove .chm files
This commit is contained in:
Jertzukka
2025-06-02 03:19:00 +03:00
committed by GitHub
parent d9c41e0dba
commit 4e112df0d2
335 changed files with 1607 additions and 1932 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
doc/html/en/Header Key Derivation.html
View File

@@ -1,6 +1,5 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>VeraCrypt - Free Open source disk encryption with strong security for the Paranoid</title>
@@ -38,20 +37,20 @@
<h1>Header Key Derivation, Salt, and Iteration Count</h1>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
Header key is used to encrypt and decrypt the encrypted area of the VeraCrypt volume header (for
<a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
<a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none">
system encryption</a>, of the keydata area), which contains the master key and other data (see the sections
<a href="Encryption%20Scheme.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
Encryption Scheme</a> and <a href="VeraCrypt%20Volume%20Format%20Specification.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
<a href="Encryption%20Scheme.html" style="text-align:left; color:#0080c0; text-decoration:none">
Encryption Scheme</a> and <a href="VeraCrypt%20Volume%20Format%20Specification.html" style="text-align:left; color:#0080c0; text-decoration:none">
VeraCrypt Volume Format Specification</a>). In volumes created by VeraCrypt (and for
<a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
system encryption</a>), the area is encrypted in XTS mode (see the section <a href="Modes%20of%20Operation.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
<a href="System%20Encryption.html" style="text-align:left; color:#0080c0; text-decoration:none">
system encryption</a>), the area is encrypted in XTS mode (see the section <a href="Modes%20of%20Operation.html" style="text-align:left; color:#0080c0; text-decoration:none">
Modes of Operation</a>). The method that VeraCrypt uses to generate the header key and the secondary header key (XTS mode) is PBKDF2, specified in PKCS #5 v2.0; see
<a href="References.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
<a href="References.html" style="text-align:left; color:#0080c0; text-decoration:none">
[7]</a>.</div>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
512-bit salt is used, which means there are 2<sup style="text-align:left; font-size:85%">512</sup> keys for each password. This significantly decreases vulnerability to 'off-line' dictionary/'rainbow table' attacks (pre-computing all the keys for a dictionary
of passwords is very difficult when a salt is used) [7]. The salt consists of random values generated by the
<a href="Random%20Number%20Generator.html" style="text-align:left; color:#0080c0; text-decoration:none.html">
<a href="Random%20Number%20Generator.html" style="text-align:left; color:#0080c0; text-decoration:none">
VeraCrypt random number generator</a> during the volume creation process. The header key derivation function is based on HMAC-SHA-512, HMAC-SHA-256, HMAC-BLAKE2S-256, HMAC-Whirlpool or HMAC-Streebog (see [8, 9, 20, 22]) &ndash; the user selects which. The length of the derived
key does not depend on the size of the output of the underlying hash function. For example, a header key for the AES-256 cipher is always 256 bits long even if HMAC-SHA-512 is used (in XTS mode, an additional 256-bit secondary header key is used; hence,
two 256-bit keys are used for AES-256 in total). For more information, refer to [7]. A large number of iterations of the key derivation function have to be performed to derive a header key, which increases the time necessary to perform an exhaustive search
@@ -85,5 +84,5 @@ Header keys used by ciphers in a cascade are mutually independent, even though t
for XTS mode, the first secondary key is used by Serpent, the second secondary key is used by Twofish, and the third secondary key by AES). Hence, even when an adversary has one of the keys, he cannot use it to derive the other keys, as there is no feasible
method to determine the password from which the key was derived (except for brute force attack mounted on a weak password).</div>
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
<a href="Random%20Number%20Generator.html" style="text-align:left; color:#0080c0; text-decoration:none; font-weight:bold.html">Next Section &gt;&gt;</a></div>
<a href="Random%20Number%20Generator.html" style="text-align:left; color:#0080c0; text-decoration:none; font-weight:bold">Next Section &gt;&gt;</a></div>
</div><div class="ClearBoth"></div></body></html>