VeraCrypt

{{Short description|Free and open-source disk encryption utility}}

{{Infobox software

| name = VeraCrypt

| logo = VeraCrypt Logo.svg

| screenshot = VeraCrypt screenshot.png

| caption = VeraCrypt 1.17 on Windows 10

| developer = Mounir Idrassi{{cite web |url=https://github.com/idrassi |title=Mounir Idrassi (idrassi) |access-date=2025-06-07 |archive-url=https://web.archive.org/web/20250602084005/https://github.com/idrassi |archive-date=2025-06-02 |url-status=live}} via IDRIX (based in Paris, France){{cite web |title=Contact Us – IDRIX |url=https://www.idrix.fr/Root/mos/Contact_Us/Itemid,3/ |access-date=2025-06-07 |archive-url=https://web.archive.org/web/20250604203133/https://www.idrix.fr/Root/mos/Contact_Us/Itemid,3/ |archive-date=2025-06-04 |url-status=live}} and AM Crypto (based in Kobe, Japan){{cite web |url=https://amcrypto.jp/ |title=AM Crypto – Mounir IDRASSI – Cybersecurity & Cryptography Expert |access-date=2025-06-07 |archive-url=https://web.archive.org/web/20250606003242/https://amcrypto.jp/ |archive-date=2025-06-06 |url-status=live}}

| released = {{Start date and age|2013|06|22}}

| programming language = C, C++, Assembly

| operating system = {{plainlist|

| platform = IA-32, x86-64, AArch64 and armhf

| size =

| language count = 42

| language footnote = {{cite web|url=https://www.veracrypt.fr/code/VeraCrypt/tree/Translations?h=VeraCrypt_1.26.15|title= VeraCrypt – Free Open source disk encryption with strong security for the Paranoid |publisher=Veracrypt |access-date=2024-09-15}}

| genre = Disk encryption software

| website = {{URL|www.veracrypt.fr/en/Home.html}}

| license = Multi-licensed as Apache License 2.0 and TrueCrypt License 3.0{{cite web|url=https://www.veracrypt.fr/code/VeraCrypt/tree/License.txt|title=root/License.txt|website=VeraCrypt|publisher=TrueCrypt Foundation|date=17 Oct 2016|access-date=23 Jul 2018}}

}}

VeraCrypt is a free and open-source utility for on-the-fly encryption (OTFE).[https://veracrypt.fr "VeraCrypt Official Site"] The software can create a virtual encrypted disk that works just like a regular disk but within a file. It can also encrypt a partition{{cite web | url=https://veracrypt.fr/en/VeraCrypt%20Volume.html | title=VeraCrypt Volume | work=VeraCrypt Official Website | access-date=February 16, 2015}} or (in Windows) the entire storage device with pre-boot authentication.{{cite web |title=Operating Systems Supported for System Encryption |url=https://veracrypt.fr/en/Supported%20Systems%20for%20System%20Encryption.html |access-date=February 16, 2015 |work=VeraCrypt Official Website}}

VeraCrypt is a fork of the discontinued TrueCrypt project.{{cite web|url=https://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html|title=VeraCrypt a Worthy TrueCrypt Alternative|last=Rubens|first=Paul|date=October 13, 2014|work=eSecurity Planet|publisher=Quinstreet Enterprise|archive-url=https://web.archive.org/web/20181203174924/https://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html|archive-date=December 3, 2018|url-status=live|access-date=February 16, 2015}} It was initially released on 22 June 2013. Many security improvements have been implemented, and concerns raised in the TrueCrypt code audits have been addressed. VeraCrypt includes optimizations to the original cryptographic hash functions and ciphers, which boost performance on modern CPUs.

Encryption scheme

VeraCrypt employs AES, Serpent, Twofish, Camellia, and Kuznyechik as ciphers. Version 1.19 stopped using the Magma cipher in response to a security audit.{{Cite web|url=https://www.theregister.co.uk/2016/10/18/veracrypt_audit/|title=Audit sees VeraCrypt kill critical password recovery, cipher flaws|last=Pauli|first=Darren|date=October 18, 2016|website=The Register|archive-url=https://web.archive.org/web/20181115210126/https://www.theregister.co.uk/2016/10/18/veracrypt_audit/|archive-date=November 15, 2018|url-status=live}} For additional security, ten different combinations of cascaded algorithms are available:{{cite web |title=Encryption Algorithms |work=VeraCrypt Documentation |publisher =IDRIX |url=https://www.veracrypt.fr/en/Encryption%20Algorithms.html |access-date=2018-03-31}}

  • AES–Twofish
  • AES–Twofish–Serpent
  • Camellia–Kuznyechik
  • Camellia–Serpent
  • Kuznyechik–AES
  • Kuznyechik–Serpent–Camellia
  • Kuznyechik–Twofish
  • Serpent–AES
  • Serpent–Twofish–AES
  • Twofish–Serpent

The cryptographic hash functions available for use in VeraCrypt are BLAKE2s-256, SHA-256, SHA-512, Streebog and Whirlpool.{{cite web |title=Hash Algorithms |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/Hash%20Algorithms.html |access-date=2024-01-14}} VeraCrypt used to have support for RIPEMD-160 but it has since been removed in version 1.26.{{cite web |title=Changelog |publisher=IDRIX |url=https://sourceforge.net/projects/veracrypt/files/VeraCrypt%20Nightly%20Builds/ |access-date=2024-01-18 |archive-date=2022-04-07 |archive-url=https://web.archive.org/web/20220407224429/https://sourceforge.net/projects/veracrypt/files/VeraCrypt%20Nightly%20Builds/ |url-status=live}}

VeraCrypt's block cipher mode of operation is XTS.{{cite web |title=Modes of Operation |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/Modes%20of%20Operation.html |access-date=2018-03-31}} It generates the header key and the secondary header key (XTS mode) using PBKDF2 with a 512-bit salt. By default, the derivation uses 200,000 or 500,000 iterations, depending on the underlying hash function used and whether it is system or non-system encryption.{{cite web |title=Header Key Derivation, Salt, and Iteration Count |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/Header%20Key%20Derivation.html |access-date=2019-02-19}} The user can lower these iteration counts to as low as 2,048 and 16,000 respectively.

Security improvements

{{See also|TrueCrypt#Security audits}}

  • The VeraCrypt development team considered the TrueCrypt storage format too vulnerable to a National Security Agency (NSA) attack, so it created a new format incompatible with that of TrueCrypt. VeraCrypt versions prior to 1.26.5 are capable of opening and converting volumes in the TrueCrypt format.[https://www.veracrypt.fr/en/Release%20Notes.html "VeraCrypt Release Notes"]{{Cite magazine|last=Castle|first=Alex|date=March 2015|title=Where Are We At With TrueCrypt?|magazine=Maximum PC|page=59}} Since version 1.26.5, TrueCrypt compatibility has been dropped.{{Cite web |title=VeraCrypt - Free Open source disk encryption with strong security for the Paranoid |url=https://www.veracrypt.fr/en/Release%20Notes.html |access-date=2023-09-12 |website=www.veracrypt.fr}}
  • An independent security audit of TrueCrypt released 29 September 2015 found TrueCrypt includes two vulnerabilities in the Windows installation driver allowing an attacker arbitrary code execution and privilege escalation via DLL hijacking.{{Cite web|url=https://www.pcworld.com/article/2987439/newly-found-truecrypt-flaw-allows-full-system-compromise.html|title=Newly found TrueCrypt flaw allows full system compromise|last=Constantin|first=Lucian|date=September 29, 2015|website=PCWorld|archive-url=https://web.archive.org/web/20190419205510/https://www.pcworld.com/article/2987439/newly-found-truecrypt-flaw-allows-full-system-compromise.html|archive-date=April 19, 2019|url-status=live}} This was fixed in VeraCrypt in January 2016.[http://seclists.org/oss-sec/2016/q1/58 CVE-2016-1281: TrueCrypt and VeraCrypt Windows installers allow arbitrary code execution with elevation of privilege]
  • While TrueCrypt uses 1,000 iterations of the PBKDF2-RIPEMD-160 algorithm for system partitions, VeraCrypt uses either 200,000 iterations (SHA-256, BLAKE2s-256, Streebog) or 500,000 iterations (SHA-512, Whirlpool) by default (which the user can lower to as few as 2,048 and 16,000 respectively). For standard containers and non-system partitions, VeraCrypt uses 500,000 iterations by default regardless of the hashing algorithm chosen (which the user can lower to as few as 16,000). While these default settings make VeraCrypt slower at opening encrypted partitions, they also make password-guessing attacks slower.{{cite web|url=https://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html|title=VeraCrypt a worthy TrueCrypt Alternative|last=Rubens|first=Paul|date=June 30, 2016|website=eSecurity Planet|archive-url=https://web.archive.org/web/20181203174924/https://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html|archive-date=December 3, 2018|url-status=live}}
  • Additionally, since version 1.12, a new feature called "Personal Iterations Multiplier" (PIM) provides a parameter whose value is used to control the number of iterations used by the header key derivation function, thereby making brute-force attacks potentially even more difficult. VeraCrypt out of the box uses a reasonable PIM value to improve security, but users can provide a higher value to enhance security. The primary downside of this feature is that it makes the process of opening encrypted archives even slower.{{cite web|title=PIM|url=https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20(PIM).html|website=veracrypt.fr|access-date=7 June 2017}}{{cite web|url=https://thehackernews.com/2015/08/veracrypt-encryption-software.html#|title=Encryption Software VeraCrypt 1.12 Adds New PIM Feature To Boost Password Security|last=Khandelwal|first=Swati|date=11 August 2015|website=The Hacker News|archive-url=https://web.archive.org/web/20190410112025/https://thehackernews.com/2015/08/veracrypt-encryption-software.html|archive-date=10 April 2019|url-status=live|access-date=5 June 2017}}{{cite web|url=https://www.ghacks.net/2015/08/07/truecrypt-alternative-veracrypt-1-12-ships-with-interesting-pim-feature/|title=TrueCrypt alternative VeraCrypt 1.12 ships with interesting PIM feature|last=Brinkmann|first=Martin|date=7 August 2015|website=Ghacks|archive-url=https://web.archive.org/web/20190410112158/https://www.ghacks.net/2015/08/07/truecrypt-alternative-veracrypt-1-12-ships-with-interesting-pim-feature/|archive-date=10 April 2019|url-status=live|access-date=5 June 2017}}{{cite web|title=Transcript of Episode #582|url=https://www.grc.com/sn/sn-582.htm|website=GRC.com|access-date=5 June 2017}}
  • A vulnerability in the bootloader was fixed on Windows and various optimizations were made as well. The developers added support for SHA-256 to the system boot encryption option and also fixed a ShellExecute security issue. Linux and macOS users benefit from support for hard drives with sector sizes larger than 512. Linux also received support for the NTFS formatting of volumes.
  • Unicode passwords are supported on all operating systems since version 1.17 (except for system encryption on Windows).
  • VeraCrypt added the capability to boot system partitions using UEFI in version 1.18a.
  • An option to enable or disable support for the TRIM command for both system and non-system drives was added in version 1.22.
  • Erasure of the system encryption keys from RAM during shutdown/reboot, which helps mitigate some cold boot attacks, was added in version 1.24.
  • RAM encryption for keys and passwords on 64-bit systems was added in version 1.24.
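
The iteration counts and the PIM described in the list above can be worked through in code. The following is an added example, not VeraCrypt source code: the PIM-to-iterations formulas are taken from the VeraCrypt PIM documentation cited above, the function names are hypothetical, and the 2 × 32-byte split of the PBKDF2 output assumes a single 256-bit cipher in XTS mode.

```python
import hashlib
import os
import time

SALT_BYTES = 64                      # 512-bit salt, as stated in the article
TRUECRYPT_SYSTEM_ITERATIONS = 1_000  # TrueCrypt system-partition count from the article
# Hashes whose system-encryption count follows the "15000 + PIM * 1000" rule.
HIGH_COUNT_HASHES = {"sha512", "whirlpool"}


def _uses_low_formula(hash_name: str, system_encryption: bool) -> bool:
    """True for system encryption with SHA-256, BLAKE2s-256 or Streebog."""
    return system_encryption and hash_name.lower() not in HIGH_COUNT_HASHES


def default_iterations(hash_name: str, system_encryption: bool) -> int:
    """Default iteration counts quoted in the article (no PIM entered)."""
    return 200_000 if _uses_low_formula(hash_name, system_encryption) else 500_000


def iterations_for_pim(pim: int, hash_name: str, system_encryption: bool) -> int:
    """Iteration count for an explicit PIM, per the VeraCrypt PIM documentation."""
    if pim < 1:
        raise ValueError("PIM must be a positive integer")
    if _uses_low_formula(hash_name, system_encryption):
        return pim * 2048
    return 15_000 + pim * 1_000


def derive_header_keys(password: bytes, salt: bytes, iterations: int,
                       hash_name: str = "sha512") -> tuple[bytes, bytes]:
    """Run PBKDF2-HMAC and split the output into (primary, secondary) XTS keys.

    Assumption: one 256-bit cipher, so 64 bytes are derived and split in two.
    """
    if len(salt) != SALT_BYTES:
        raise ValueError("salt must be 512 bits (64 bytes)")
    material = hashlib.pbkdf2_hmac(hash_name, password, salt, iterations, dklen=64)
    return material[:32], material[32:]


def audit_pim(pim: int, hash_name: str, system_encryption: bool) -> dict:
    """Report how a chosen PIM compares with the default work factor."""
    iterations = iterations_for_pim(pim, hash_name, system_encryption)
    default = default_iterations(hash_name, system_encryption)
    return {
        "iterations": iterations,
        "default": default,
        "weaker_than_default": iterations < default,
        # Ratio of iteration counts only; the per-iteration cost also
        # differs between hash functions.
        "iterations_vs_truecrypt": iterations / TRUECRYPT_SYSTEM_ITERATIONS,
    }


def seconds_per_guess(iterations: int, hash_name: str = "sha512") -> float:
    """Time one derivation on this machine: the cost of a single password guess."""
    salt = os.urandom(SALT_BYTES)
    start = time.perf_counter()
    derive_header_keys(b"constructed sample password", salt, iterations, hash_name)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Constructed sample settings: (PIM, hash, system encryption?)
    for pim, hash_name, system in [(1, "sha256", True), (98, "sha256", True),
                                   (1, "sha512", False), (485, "sha512", False)]:
        report = audit_pim(pim, hash_name, system)
        cost = seconds_per_guess(report["iterations"], hash_name)
        print(f"PIM={pim:<4} {hash_name:<7} system={system!s:<5} "
              f"iterations={report['iterations']:>7} "
              f"weaker_than_default={report['weaker_than_default']!s:<5} "
              f"~{cost:.3f}s per guess")
```

The minimum PIM of 1 reproduces the 2,048 and 16,000 floors quoted above, and a PIM of 485 reproduces the 500,000-iteration default.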

= VeraCrypt audit =

QuarksLab conducted an audit of version 1.18 on behalf of the Open Source Technology Improvement Fund (OSTIF), which took 32 man-days. The auditor published the results on 17 October 2016.{{cite web|url=https://ostif.org/the-veracrypt-audit-results/|title=The VeraCrypt Audit Results|date=October 17, 2016|publisher=OSTIF|archive-url=https://web.archive.org/web/20190512115033/https://ostif.org/the-veracrypt-audit-results/|archive-date=May 12, 2019|url-status=live|access-date=October 18, 2016}}{{Cite report|url=https://blog.quarkslab.com/resources/2016-10-17-audit-veracrypt/16-08-215-REP-VeraCrypt-sec-assessment.pdf|title=VeraCrypt 1.18 Security Assessment|author=QuarksLab|date=October 17, 2016|publisher=OSTIF|access-date=October 18, 2016|archive-url=https://web.archive.org/web/20180807063348/https://blog.quarkslab.com/resources/2016-10-17-audit-veracrypt/16-08-215-REP-VeraCrypt-sec-assessment.pdf|archive-date=August 7, 2018|url-status=live}} On the same day, IDRIX released version 1.19, which resolved major vulnerabilities identified in the audit.{{cite web|url=http://blog.quarkslab.com/security-assessment-of-veracrypt-fixes-and-evolutions-from-truecrypt.html|title=Security Assessment of VeraCrypt: fixes and evolutions from TrueCrypt|last1=Bédrune|first1=Jean-Baptiste|last2=Videau|first2=Marion|date=October 17, 2016|publisher=QuarksLab|archive-url=https://web.archive.org/web/20190507093814/https://blog.quarkslab.com/security-assessment-of-veracrypt-fixes-and-evolutions-from-truecrypt.html|archive-date=May 7, 2019|url-status=live|access-date=October 18, 2016}}

Fraunhofer Institute for Secure Information Technology (SIT) conducted another audit in 2020, following a request by Germany's Federal Office for Information Security (BSI), and published the results in October 2020.{{Cite web|title=VeraCrypt / Forums / General Discussion: Germany BSI Security Evaluation of VeraCrypt|url=https://sourceforge.net/p/veracrypt/discussion/general/thread/1a04e8bf82/?limit=25#ed5f|access-date=2021-12-01|website=sourceforge.net}}{{cite web |url=https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Veracrypt/Veracrypt.html |title=Security Evaluation of VeraCrypt |publisher=Federal Office for Information Security (BSI) |date=2020-11-30 |accessdate=2022-07-27}}

Security precautions

There are several kinds of attacks to which all software-based disk encryption is vulnerable. As with TrueCrypt, the VeraCrypt documentation instructs users to follow various security precautions to mitigate these attacks,{{cite web | url=https://veracrypt.fr/en/Security%20Requirements%20and%20Precautions.html | title=Security Requirements and Precautions | publisher=IDRIX | work=VeraCrypt Documentation | access-date=February 16, 2015}} several of which are detailed below.

= Encryption keys stored in memory =

{{Main|Cold boot attack}}

VeraCrypt stores its keys in RAM; on some personal computers DRAM will maintain its contents for several seconds after power is cut (or longer if the temperature is lowered). Even if there is some degradation in the memory contents, various algorithms may be able to recover the keys. This method, known as a cold boot attack (which would apply in particular to a notebook computer obtained while in power-on, suspended, or screen-locked mode), was successfully used to attack a file system protected by TrueCrypt versions 4.3a and 5.0a in 2008.{{Cite conference|last1=Halderman|first1=J. Alex|author-link=Alex Halderman|last2=Schoen|first2=Seth D.|last3=Heninger|first3=Nadia|last4=Clarkson|first4=William|last5=Paul|first5=William|last6=Calandrino|first6=Joseph A.|last7=Feldman|first7=Ariel J.|last8=Appelbaum|first8=Jacob|last9=Felten|first9=Edward W.|display-authors=1|date=July 2008|title=Lest We Remember: Cold Boot Attacks on Encryption Keys|url=https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf|url-status=live|conference=17th USENIX Security Symposium|archive-url=https://web.archive.org/web/20190512072757/https://www.usenix.org/legacy/event/sec08/tech/full_papers/halderman/halderman.pdf|archive-date=May 12, 2019}} With version 1.24, VeraCrypt added the option of encrypting the in-RAM keys and passwords on x64 editions of Windows, with a CPU overhead of less than 10%, and the option of erasing all encryption keys from memory when a new device is connected.

= Tampered hardware =

{{Main|Evil maid attack}}

VeraCrypt documentation states that VeraCrypt is unable to secure data on a computer if an attacker physically accessed it and VeraCrypt is then used on the compromised computer by the user again. This does not affect the common case of a stolen, lost, or confiscated computer.{{cite web | title =Physical Security | work =VeraCrypt Documentation | publisher =IDRIX | date = 2015-01-04 | url =https://veracrypt.fr/en/Physical%20Security.html | access-date =2015-01-04 }} The attacker having physical access to a computer can, for example, install a hardware or a software keylogger, a bus-mastering device capturing memory or install any other malicious hardware or software, allowing the attacker to capture unencrypted data (including encryption keys and passwords) or to decrypt encrypted data using captured passwords or encryption keys. Therefore, physical security is a basic premise of a secure system.{{cite web|url=https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html|title="Evil Maid" Attacks on Encrypted Hard Drives|last=Schneier|first=Bruce|author-link=Bruce Schneier|date=October 23, 2009|website=Schneier on Security|archive-url=https://web.archive.org/web/20140525232424/https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html|archive-date=May 25, 2014|url-status=live|access-date=May 24, 2014}}

Some kinds of malware are designed to log keystrokes, including typed passwords, that may then be sent to the attacker over the Internet or saved to an unencrypted local drive from which the attacker might be able to read it later, when they gain physical access to the computer.{{cite web | title =Malware | work =VeraCrypt Documentation | publisher =IDRIX | date = 2015-01-04 | url =https://veracrypt.fr/en/Malware.html | access-date =2015-01-04 }}

= Trusted Platform Module =

VeraCrypt does not take advantage of Trusted Platform Module (TPM). VeraCrypt FAQ repeats the negative opinion of the original TrueCrypt developers verbatim.{{cite web |date=2 July 2017 |title=FAQ |url=https://www.veracrypt.fr/en/FAQ.html |website=veracrypt.fr |publisher=IDRIX}} The TrueCrypt developers were of the opinion that the exclusive purpose of the TPM is "to protect against attacks that require the attacker to have administrator privileges, or physical access to the computer". The attacker who has physical or administrative access to a computer can circumvent TPM, e.g., by installing a hardware keystroke logger, by resetting TPM, or by capturing memory contents and retrieving TPM-issued keys. The condemning text goes so far as to claim that TPM is entirely redundant.{{Cite web |date=7 February 2012 |title=TrueCrypt User Guide |url=https://www.grc.com/misc/truecrypt/TrueCrypt%20User%20Guide.pdf |website=truecrypt.org |publisher=TrueCrypt Foundation |page=129 |via=grc.com}}

It is true that after achieving either unrestricted physical access or administrative privileges, it is only a matter of time before other security measures in place are bypassed.{{Cite web |last=Culp |first=Scott |date=2000 |title=Ten Immutable Laws Of Security (Version 2.0) |url=https://technet.microsoft.com/en-us/library/hh278941.aspx |url-status=dead |archive-url=https://web.archive.org/web/20151209191417/https://technet.microsoft.com/en-us/library/hh278941.aspx |archive-date=9 December 2015 |access-date= |website=TechNet Magazine |publisher=Microsoft |via=Microsoft TechNet}}{{Cite web |last=Johansson |first=Jesper M. |date=October 2008 |title=Security Watch Revisiting the 10 Immutable Laws of Security, Part 1 |url=https://technet.microsoft.com/en-us/library/2008.10.securitywatch.aspx |archive-url=https://web.archive.org/web/20170410043155/https://technet.microsoft.com/en-us/library/2008.10.securitywatch.aspx |archive-date=10 April 2017 |access-date= |website=TechNet Magazine |publisher=Microsoft |via=Microsoft TechNet}} However, stopping an attacker in possession of administrative privileges has never been one of the goals of TPM. (See {{Section link|Trusted Platform Module|Uses}} for details.) 
TPM might, however, reduce the success rate of the cold boot attack described above.{{cite web |year=2013 |title=LUKS support for storing keys in TPM NVRAM |url=https://github.com/shpedoikal/tpm-luks |url-status=live |archive-url=https://web.archive.org/web/20130916075234/https://github.com/shpedoikal/tpm-luks |archive-date=September 16, 2013 |access-date=December 19, 2013 |website=github.com}}{{cite web |last=Greene |first=James |year=2012 |title=Intel Trusted Execution Technology |url=http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf |url-status=live |archive-url=https://web.archive.org/web/20140611161421/http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/trusted-execution-technology-security-paper.pdf |archive-date=June 11, 2014 |access-date=December 18, 2013 |publisher=Intel |type=white paper}}{{cite book |url=https://books.google.com/books?id=cUhpq98Zb8AC&pg=PA124 |title=Autonomic and Trusted Computing: 4th International Conference |publisher=ATC |year=2007 |isbn=9783540735465 |format=Google Books |access-date=May 31, 2014 |archive-url=https://web.archive.org/web/20200819025756/https://books.google.com/books?id=cUhpq98Zb8AC&pg=PA124 |archive-date=August 19, 2020 |url-status=live}}{{cite book |last1=Pearson |first1=Siani |url=https://books.google.com/books?id=EWk2pLY7atgC |title=Trusted computing platforms: TCPA technology in context |last2=Balacheff |first2=Boris |publisher=Prentice Hall |year=2002 |isbn=978-0-13-009220-5 |access-date=July 21, 2016 |archive-url=https://web.archive.org/web/20170325040326/https://books.google.com/books?id=EWk2pLY7atgC |archive-date=March 25, 2017 |url-status=live}}{{cite web |title=SetPhysicalPresenceRequest Method of the Win32_Tpm Class |url=http://msdn.microsoft.com/en-us/library/aa376478(VS.85).aspx |url-status=live |archive-url=https://web.archive.org/web/20090519204808/http://msdn.microsoft.com/en-us/library/aa376478(VS.85).aspx 
|archive-date=May 19, 2009 |access-date=June 12, 2009 |publisher=Microsoft}} TPM is also known to be susceptible to SPI attacks.{{cite web |year=2022 |title=TPM Sniffing Attacks Against Non-Bitlocker Targets |url=https://www.secura.com/blog/tpm-sniffing-attacks-against-non-bitlocker-targets |url-status=live |archive-url=https://web.archive.org/web/20220630103114/https://www.secura.com/blog/tpm-sniffing-attacks-against-non-bitlocker-targets |archive-date=June 30, 2022 |access-date=November 30, 2022 |website=secura.com}}

Plausible deniability

As with its predecessor TrueCrypt, VeraCrypt supports plausible deniability{{cite web |title=Plausible Deniability |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/Plausible%20Deniability.html |access-date=2018-03-31}} by allowing a single "hidden volume" to be created within another volume.{{cite web |title=Hidden Volume |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/Hidden%20Volume.html |access-date =2018-03-31}} The Windows versions of VeraCrypt can create and run a hidden encrypted operating system whose existence may be denied.{{cite web |title=Hidden Operating System |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/VeraCrypt%20Hidden%20Operating%20System.html |access-date=2018-03-31}} The VeraCrypt documentation lists ways in which the hidden volume deniability features may be compromised (e.g., by third-party software which may leak information through temporary files or via thumbnails) and possible ways to avoid this.{{cite web |title=Security Requirements and Precautions Pertaining to Hidden Volumes |work=VeraCrypt Documentation |publisher=IDRIX |url=https://www.veracrypt.fr/en/Security%20Requirements%20for%20Hidden%20Volumes.html |access-date=2018-03-31}}

Performance

VeraCrypt supports parallelized{{cite web|title=VeraCrypt User Guide|url=https://veracrypt.fr/en/Parallelization.html |publisher=IDRIX|date=2015-01-04 |edition=1.0f}}{{Rp|63}} encryption for multi-core systems. On Microsoft Windows, pipelined read and write operations (a form of asynchronous processing){{Rp|63}} are used to reduce the performance hit of encryption and decryption. On processors supporting the AES-NI instruction set, VeraCrypt supports hardware-accelerated AES to further improve performance.{{Rp|64}} On 64-bit CPUs, VeraCrypt uses optimized assembly implementations of Twofish, Serpent, and Camellia.

License and source model

VeraCrypt was forked from the since-discontinued TrueCrypt project in 2013, and originally contained mostly TrueCrypt code released under the TrueCrypt License 3.0. In the years since, more and more of VeraCrypt's code has been rewritten and released under the permissive Apache License 2.0.

The TrueCrypt license is generally considered to be source-available but not free and open source. The Apache license is universally considered to be free and open source. The mixed VeraCrypt license is widely but not universally considered to be free and open source.

On 28 May 2014 TrueCrypt ceased development under unusual circumstances,{{cite web |url=https://www.theguardian.com/technology/2014/may/30/encryption-software-truecrypt-closes-doors |title=Encryption software TrueCrypt closes doors in odd circumstances |last=Buchanan |first=Bill |date=May 30, 2014 |website=The Guardian |access-date=April 9, 2022 }}{{cite magazine |url=https://www.newyorker.com/news/news-desk/the-strange-origins-of-truecrypt-isiss-favored-encryption-tool |title=The Strange Origins of TrueCrypt, ISIS's Favored Encryption Tool |last=Ratliff |first=Evan |date=March 30, 2016 |magazine=The New Yorker |access-date=April 9, 2022 }}{{cite web |url=https://medium.com/asecuritysite-when-bob-met-alice/the-fall-of-truecrypt-and-rise-of-veracrypt-44f910ed5162 |title=The Fall of TrueCrypt and Rise of VeraCrypt |last=Buchanan |first=Bill |date=Nov 5, 2018 |website=medium.com |publisher=Medium |access-date=April 9, 2022 }} and there exists no way to contact the former developers.

VeraCrypt is considered to be free and open source by:

  • PC World{{cite web |url=https://www.pcworld.com/article/410730/critical-flaws-found-in-open-source-encryption-software-veracrypt.html |title=Critical flaws found in open-source encryption software VeraCrypt |last=Constantin |first=Lucian |date=October 18, 2016 |website=pcworld.com |publisher=PC World |access-date=April 9, 2022 }}
  • Techspot{{cite web |url=https://www.techspot.com/guides/2069-how-to-encrypt-windows/ |title=How to Encrypt Files, Folders and Drives on Windows |last=Long |first=Heinrich |date=August 3, 2020 |website=techspot.com |publisher=Techspot |access-date=April 9, 2022 }}
  • DuckDuckGo's Open Source Technology Improvement Fund{{cite web |url=https://fossforce.com/2016/05/duckduckgo-gives-open-source-projects/ |title=DuckDuckGo Gives $225,000 to Open Source Projects |last=Hall |first=Christine |date=May 4, 2016 |website=fossforce.com |publisher=FOSS Force |access-date=April 9, 2022 }}{{cite web |url=https://ostif.org/a-special-thank-you-to-duckduckgo-for-supporting-ostif-and-veracrypt/ |title=A Special Thank You to DuckDuckGo for Supporting OSTIF and VeraCrypt |author= |date=May 3, 2016 |website=ostif.org |publisher=Open Source Technology Fund |access-date=April 9, 2022 }}
  • SourceForge{{cite web |url=https://sourceforge.net/projects/veracrypt/ |title=Need strong security? VeraCrypt is an open source disk encryption software that gives extra security against brute-force attacks |author= |date=February 8, 2020 |website=sourceforge.net |publisher=SourceForge |access-date=April 9, 2022 }}
  • Open Tech Fund{{cite web |url=https://www.opentech.fund/news/june-2018-monthly-report/ |title=Privacy and anonymity-enhancing operating system Tails continued the implementation of open-source disk encryption software VeraCrypt into the GNOME user interface |last=McDevitt |first=Dan |date= July 18, 2018 |website=opentech.fund |publisher=Open Technology Fund |access-date=April 9, 2022 }}
  • Fosshub{{cite web |url=https://www.fosshub.com/VeraCrypt.html |title=VeraCrypt is a free, open source disk encryption program |author= |date= Jan 17, 2021 |website=fosshub.com |publisher=FOSSHub |access-date=April 9, 2022 }}
  • opensource.com{{cite web |url=https://opensource.com/article/21/4/open-source-encryption |title=VeraCrypt offers open source file-encryption with cross-platform capabilities |last=Kenlon |first=Seth |date=April 12, 2021 |website=opensource.com |access-date=April 9, 2022 }}
  • fossmint{{cite web |url=https://www.fossmint.com/veracrypt-open-source-disk-encryption-software/ |title=Veracrypt – An Open Source Cross-Platform Disk Encryption Tool |last=Afolabi |first=Jesse |date=March 5, 2021 |website=fossmint.com |publisher=FOSSMINT |access-date=April 9, 2022 }}

VeraCrypt is not considered free and open source by:

  • Debian{{cite web |title=Debian Bug report logs - #814352: ITP: veracrypt -- Cross-platform on-the-fly encryption |url=https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814352 |website=bugs.debian.org |date=10 February 2016}} Debian considers all software that does not meet the guidelines of its DFSG to be non-free.

The original TrueCrypt license (but not necessarily the current combined VeraCrypt license) is not considered free and open source by:

  • The Free Software Foundation{{cite web |url=https://www.gnu.org/licenses/license-list.en.html#Truecrypt-3.0 |title=Nonfree Software Licenses |author= |date=January 12, 2022 |website=gnu.org |publisher=Free Software Foundation Licensing and Compliance Lab |access-date=April 9, 2022}}{{Cite web |title=Various Licenses and Comments about Them |url=https://www.gnu.org/licenses/license-list.html |url-status=live |archive-url=https://web.archive.org/web/20221230220836/https://www.gnu.org/licenses/license-list.html |archive-date=2022-12-30 |website=Free Software Foundation}}
  • At least one member of the Open Source Initiative (OSI). The director{{Citation|last=Phipps|first=Simon|title=TrueCrypt or false? Would-be open source project must clean up its act|date=2013-11-15|url=http://www.infoworld.com/d/open-source-software/truecrypt-or-false-would-be-open-source-project-must-clean-its-act-230862|work=InfoWorld|archive-url=https://web.archive.org/web/20190322135330/https://www.infoworld.com/article/2609745/truecrypt-or-false--would-be-open-source-project-must-clean-up-its-act.html|url-status=live|access-date=2014-05-20|archive-date=2019-03-22|author-link=Simon Phipps (programmer)}} expressed concern about an older version of the TrueCrypt license, but the OSI itself has not published a determination regarding either TrueCrypt or VeraCrypt.

Legal cases

In US v. Burns, the defendant had three hard drives: the first was a system partition, later found to contain caches of deleted child pornography and manuals on how to use VeraCrypt; the second was encrypted; and the third held miscellaneous music files. Even though the defendant admitted to having child pornography on his second hard drive, he refused to give the password to the authorities. Despite a search of the first drive for clues to previously used passwords, inquiries to the FBI about any weaknesses in the VeraCrypt software that could be used to access the drive partition, and brute-forcing of the partition with the alphanumeric character set as potential passwords, the partition could not be accessed. Because the defendant had confessed to having child pornography on the encrypted drive, the prosecution applied to force the defendant to give away the password under the foregone conclusion doctrine in the All Writs Act.{{Citation |title=US v. Burns |date=May 10, 2019 |url=https://scholar.google.com/scholar_case?case=16135496452212358302&q=veracrypt&hl=en&as_sdt=2006 |issue=1:18MJ307, 1:18CR492-1 |access-date=2023-08-22}}

In a search of a Californian defendant's apartment for accessing child pornography, a VeraCrypt drive of over 900 gigabytes was found in the form of an external hard drive. The FBI was called to assist local law enforcement, but the FBI claimed not to have found a weakness in the VeraCrypt software. The FBI also denied having a backdoor within the VeraCrypt software. It was later found that another suspect had educated the defendant in using encryption to hide his photos and videos of child pornography. Because the defendant had admitted to having child pornography on the drive as a backup anyway, and because of chat logs relating to the other suspect educating the defendant on how to use VeraCrypt, the foregone conclusion doctrine was used again.{{Citation |title=In the Matter of the Search of a Residence in Aptos, California 95003 |date=2018-03-20 |url=https://scholar.google.com/scholar_case?case=10773460282541696547&q=veracrypt&hl=en&as_sdt=2006 |issue=Case No. 17-mj-70656-JSC-1 |access-date=2023-08-22}}

References

{{reflist}}