mirror of
https://github.com/veracrypt/VeraCrypt
synced 2024-11-27 13:33:29 +01:00
Documentation: clearer description of how number of iterations are calculated
This commit is contained in:
parent
540fb52aca
commit
a077eb94ef
Binary file not shown.
@ -65,14 +65,16 @@ <h1>Header Key Derivation, Salt, and Iteration Count</h1>
|
||||
PIM </a>value is not specified or if it is equal to zero, VeraCrypt uses the default values expressed below:<br/>
|
||||
<ul>
|
||||
<li>For system partition encryption (boot encryption) that uses SHA-256, BLAKE2s-256 or Streebog, <strong>200000</strong> iterations are used.</li>
|
||||
<li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers, <strong>500000</strong> iterations are used.
|
||||
<li>For system encryption that uses SHA-512 or Whirlpool, <strong>500000</strong> iterations are used.</li>
|
||||
<li>For non-system encryption and file containers, all derivation algorithms will use <strong>500000</strong> iterations.
|
||||
</li></ul>
|
||||
</p>
|
||||
<p>When a <a href="Personal%20Iterations%20Multiplier%20%28PIM%29.html">
|
||||
PIM </a>value is given by the user, the number of iterations of the key derivation function is calculated as follows:</p>
|
||||
<ul>
|
||||
<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong>
|
||||
</li><li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong>
|
||||
</li><li>For system encryption that uses SHA-512 or Whirlpool: Iterations = <strong>15000 + (PIM x 1000)</strong>
|
||||
</li><li>For non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong>
|
||||
</li></ul>
|
||||
</div>
|
||||
<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
|
||||
|
@ -44,7 +44,9 @@ <h1>PIM</h1>
|
||||
Header Key Derivation</a>).</p>
|
||||
<p>When a PIM value is specified, the number of iterations is calculated as follows:</p>
|
||||
<ul>
|
||||
<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong> </li><li>For system encryption that uses SHA-512 or Whirlpool, non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong>
|
||||
<li>For system encryption that doesn't use SHA-512 or Whirlpool: Iterations = <strong>PIM x 2048</strong>
|
||||
</li><li>For system encryption that uses SHA-512 or Whirlpool: Iterations = <strong>15000 + (PIM x 1000)</strong>
|
||||
</li><li>For non-system encryption and file containers: Iterations = <strong>15000 + (PIM x 1000)</strong>
|
||||
</li></ul>
|
||||
<p>Prior to version 1.12, the security of a VeraCrypt volume was only based on the password strength because VeraCrypt was using a fixed number of iterations.<br>
|
||||
With the introduction of PIM, VeraCrypt has a 2-dimensional security space for volumes based on the couple (Password, PIM). This provides more flexibility for adjusting the desired security level while also controlling the performance of the mount/boot operation.</p>
|
||||
|
Loading…
Reference in New Issue
Block a user