Keyfiles

Topics: Feature Requests
Nov 8, 2014 at 11:31 AM
Please could you allow the user to define a number of keyfiles to be created ?

This would be useful as the user could create 1000, or more keyfiles in a given folder. A single keyfile or a selection of any number of these keyfiles can be used to encrypt a container. They can even be combined with a typed password.

Although somewhat "security by obscurity" the idea does have merit. It creates doubt and uncertainty in the attackers mind. The generated keyfiles may not even be used in the encryption process, but their presence greatly multiplies any brute force attack and workload.

Creating keyfiles one by one is tiresome to the user and prevents the average user from implementing this technique.

I would also be grateful if you might consider increasing the complexity of the currently generated keyfiles.

Thank you.
Nov 14, 2014 at 7:13 AM
I'd really like to see this feature implemented; too many times I've had to create multiple keyfiles, and ended up spending more time than should be necessary repeating the process.
Coordinator
Dec 7, 2014 at 9:35 PM
I have implemented the possibility to generate multiple keyfiles. A BETA2 setup for the upcoming 1.0f version is available and it contains this feature. You can get it at http://sourceforge.net/projects/veracrypt/files/VeraCrypt%20Nightly%20Builds/VeraCrypt%20Setup%201.0f-BETA2.exe/download

Here is how it looks like:
Image

and the result when the base name has a file extension and when it doesn't:
Image Image

Your comments/suggestions are welcomed.
Dec 7, 2014 at 11:26 PM
Thank you very much !!!!! :D

You asked for suggestions....

How about allowing the user to define a keyfile size ? Also a random option, to make all keyfiles a random length between the minimum - maximum size a keyfile can be. The maximum TC used to use was 1MB I believe.

This way an attacker cannot simply search for a known keyfile size if they gain access.

Thanks again, really nice to see some progress, it's very exciting :)
Dec 8, 2014 at 9:22 PM
Well I have tested this new feature today and everything seems ok ... as expected :)

I even tried to input alpha characters and 0 to break it but you had anticipated that with a sanity check :)

Excellent, well done and thank you !!
Coordinator
Dec 8, 2014 at 11:03 PM
Thanks for the feedback!

I have added the possibility to specify the size and also to let VeraCrypt choose random size values.

Here is the new look:
Image

and the result:
Image

I have update the BETA2 installer with the new binary (I didn't want to create a BETA3 just for this). You can grab at the same link
Dec 9, 2014 at 12:21 AM
LOL :D

You are enjoying this aren't you !!!

Brilliant, just brilliant :)

THANK YOU
Dec 9, 2014 at 12:26 PM
Output looks good to me :)

I think we can say this request has been satisfied :D

Thank you very much, it's great to see such rapid development.
Coordinator
Dec 9, 2014 at 12:51 PM
Thank you also for proposing this feature in the first place! Now I have to implement this in Linux and MacOSX (which use a different code base for GUI and file handling) since all OSes are supposed to offer the same features.

It is important that users come forward with new ideas and proposals in order to enrich the functionality offered by VeraCrypt and make more relevant to real-world situations.
Dec 9, 2014 at 5:46 PM
Oh dear, I feel sorry for you having to work in triplicate, it must be very difficult on your own.

I hope you are learning while coding VC and also enjoying it.

Don't worry about running out of feature requests, I have plenty of them :D