After a year and a half of development, the release of the VeraCrypt 1.26 project has been published, developing a fork of the TrueCrypt disk partition encryption system, which has ceased to exist. VeraCrypt is notable for replacing the RIPEMD-160 algorithm used in TrueCrypt with SHA-512 and SHA-256, increasing the number of hashing iterations, simplifying the build process for Linux and macOS, and eliminating problems identified during the audit of TrueCrypt source codes. The last official release of VeraCrypt 1.25.9 was published in February 2022. The code developed by the VeraCrypt project is distributed under the Apache 2.0 license, and borrowings from TrueCrypt continue to be distributed under the TrueCrypt License 3.0. Ready-made assemblies are generated for Linux, FreeBSD, Windows and macOS.
Among the changes in the new version:
- Added support for using bank smart cards that comply with the EMV standard as a key store for accessing non-system sections. EMV cards can be used in VeraCrypt without the need to separately configure the PKCS#11 module and without entering a PIN code. The contents of the key file are generated based on the unique data present on the card.
- Removed TrueCrypt compatibility mode. The latest version to support mounting or converting TrueCrypt partitions is VeraCrypt 1.25.9.
- Support for RIPEMD160 and GOST89 encryption algorithms has been completely removed. Partitions created using these algorithms can no longer be mounted using VeraCrypt.
- For standard and system encrypted partitions, it is possible to use a new algorithm for generating pseudo-random sequences (PRF, Pseudo-Random Function), using the BLAKE2s hash function.
- Changes in the Linux version:
- Improved compatibility with the Alpine Linux distribution and the standard C library musl.
- Resolved compatibility issues with Ubuntu 23.04 and wxWidgets 3.1.6+.
- The version of the wxWidgets framework in static assemblies has been updated to 3.2.2.1.
- The implementation of the pseudorandom number generator is brought into line with the official documentation and is similar in behavior to the implementation for Windows.
- Fixed a bug in the pseudorandom number generator that caused tests to fail when using the Blake2s algorithm.
- Problems with running the fsck utility have been resolved.
- The problem with choosing the wrong size for hidden partitions when using the mode of using all free disk space has been resolved.
- Fixed a crash when creating hidden partitions via the command line interface.
- Fixed errors in the text mode of the interface. Selecting exFAT and BTRFS file systems is prohibited if they are not compatible with the partitions being created.
- Compatibility with classic installers of older Linux distributions has been improved.
- A recommendation has been implemented to add an additional check to ensure that the primary and secondary keys do not match when creating partitions. Due to the use of a pseudo-random number generator when generating keys, a match of keys is unlikely and the check was added rather to completely eliminate hypothetical attacks.
- In builds for the Windows platform, memory protection mode is enabled by default, which prevents processes that do not have administrator privileges from reading the contents of VeraCrypt memory (may break compatibility with screen readers). Added protection against substitution of code into VeraCrypt memory by other processes. Improved implementation of memory encryption and the mode for quickly creating file containers. EFI Bootloader has improved support for the original Windows boot loader in crash recovery mode. An option has been added to the menu to mount without using the cache. Problems with increasing slowdown of Encrypt-In-Place encryption in large partitions have been resolved. Expander has added support for moving files and keys in drag&drop mode. A more modern dialog for selecting files and directories has been used, which is better compatible with Windows 11. The DLL safe loading mode has been improved.
- Support for older versions of Windows has ended. Windows 10 is stated as the minimum supported version. Theoretically, VeraCrypt can still run on Windows 7 and Windows 8/8.1, but testing for correct operation on these platforms is no longer carried out.
Source: opennet.ru