Replying to Avatar threeseries

When I've created VeraCrypt volumes the software has me move around the mouse a lot to generate a bunch of entropy for the encryption keys. Maybe that means it's not relying on KDF the way LUKS is?
Avatar
geodesic 2y ago

No, that is generating entropy for the keyfile. Your keyfile is then encrypted with a password based KDF, just like LUKS. The exact details differ a bit, but the overall architecture is the same. Still need to use a memoryhard PBKDF to encrypt the keyfile.

Maybe VeraCrypt uses a memory hard PBKDF, in which case I would say it is as good as modern LUKS.

Reply to this note

Please Login to reply.

Discussion

No replies yet.