This project has moved. For the latest updates, please go here.

VeraCrypt & TrueCrypt Container File

Topics: Technical Issues
May 10, 2015 at 12:49 PM
After reading that Veracrypt can open an existing TrueCrypt container file, I tried this -- it failed. After a LONG wait, I received an error message, however the TrueCrypt file is known to be good and works perfectly with Truecrypt.

In case it matters, I did not install VeraCrypt to run this experiment; I just extracted the files to a folder (as was done previously with Truecrypt).
Coordinator
May 10, 2015 at 1:52 PM
Hi,

As explained in the documentation, VeraCrypt supports only TrueCrypt volumes created with TrueCrypt versions 6.x and 7.x. Volumes created with TrueCrypt 4.x and 5.x are not supported since they use legacy algorithms and format.
Documentation link: https://veracrypt.codeplex.com/wikipage?title=TrueCrypt%20Support

By the way, to accelerate the mounting of volumes, you have to select the correct PRF algorithm (SHA512, SHA256, Whirlpool, RIPEMD160) instead of auto detection.
May 10, 2015 at 5:07 PM
The container file was created with TrueCrypt 7.1A, and it always works perfectly with TrueCrypt. I had already read that putting in the encryption algorithms would make opening this file faster, but I choose not to do that since I wanted to see what would happen with the auto mode. So all I did was to extract the VeraCrypt files, then I ran the main VeraCrypt executable, selected the drive letter I wished to use, selected the container file, and after a long wait, I got the error. From what I read, it seems that this procedure should have worked.
May 10, 2015 at 5:37 PM
Edited May 10, 2015 at 6:10 PM
I am able to mount a file container created by TrueCrypt 7.1a version with cascade encryption algorithms, hash set to Whirlpool and format NTFS using VeraCrypt "Autodetection" and "TrueCrypt Mode" box checked. Mounted successfully and quickly for me.

If you selected both "Autodetection" and checked the box for "TrueCrypt Mode", try installing VeraCrypt instead of extracting and test again. I am running both TrueCrypt and VeraCrypt on my machine with no problems.
Coordinator
May 10, 2015 at 7:14 PM
As Enigma2illusion said, don't forget to check "TrueCrypt Mode" in the password dialog.
May 11, 2015 at 5:38 PM
Thanks for your comments. I bet I did NOT check the "TrueCrypt Mode" box. Let me go back and try this all again, making sure to check that box!
May 11, 2015 at 5:39 PM
Will do. I'll report back soon....
May 11, 2015 at 7:33 PM
Obviously I overlooked the TrueCrypt check box earlier. I was just able to open and close the same original TrueCrypt container file perfectly. Good! Thanks for the tip!

A few more things.....

Do I assume correctly that I may NOT fully derive all the benefits of using VeraCrypt if if I leave the container file in its original TrueCrypt-created form? IOW, would it be best if I now convert the container file to the native VeraCrypt format?

Last, I am used to using TrueCrypt in batch files via these two command lines:

TO OPEN: TrueCrypt.exe /q /a /lT /e /m rm /m ts /v "C:\path\containerfilename"

TO CLOSE: TrueCrypt.exe /q /d

I did check the VeraCrypt PDF user guide and found all of these same command line switches, so it seems the above lines should work (obviously after substituting "VeraCrypt.exe" for "TrueCrypt.exe"). However, is there any reason I should change what I have been doing?
May 11, 2015 at 10:00 PM
Edited May 12, 2015 at 2:39 PM
Thanks JDH1 for reporting your findings.

.
IOW, would it be best if I now convert the container file to the native VeraCrypt format?
.
You can find that answer in the thread below:
https://veracrypt.codeplex.com/discussions/609176

.
I did check the VeraCrypt PDF user guide and found all of these same command line switches, so it seems the above lines should work (obviously after substituting "VeraCrypt.exe" for "TrueCrypt.exe"). However, is there any reason I should change what I have been doing?
.
The current beta and the next release will have stricter switch rules.
* Make command line argument parsing more strict and robust (e.g. /lz rejected, must be /l z)
EDIT:
To reduce the delay time for mounting the volume, start using the /hash switch in your command line. Otherwise VeraCrypt will use autodetection which will take longer since VeraCrypt has to use all four hash algorithms.
May 12, 2015 at 4:39 PM
Edited May 12, 2015 at 4:40 PM
Thanks for the information. I just read the thread you suggested about converting to native VeraCrypt mode.

On your response about my command line usage and the fact that VeraCrypt will soon have more strict rules in this regard, it looks like I will need to make a slight change to my old command sting:

VeraCrypt.exe /q /a /lT /e /m rm /m ts /v "C:\path\containerfilename"

to

VeraCrypt.exe /q /a /l T /e /m rm /m ts /v "C:\path\containerfilename" (added a space in the /l T switch -- that's all I see to do.... correct?)

The other string looks like it ought to be okay: TrueCrypt.exe /q /d

Yes?
May 12, 2015 at 11:29 PM
I use the GUI instead of command lines in scripts. To my eyes, everything looks correct. You saw my note about the /hash switch?
May 13, 2015 at 4:19 PM
I have not gotten to the point of trying a batch file with all the command line switches, etc. First I wanted to make sure that everything worked with the normal GUI interface. I read the thread about converting the container file from TC to VC, and also found this mentioned in the VC FAQ file:

" Starting from version 1.0f, VeraCrypt offers the possibility to convert TrueCrypt containers and nonsystem partitions to VeraCrypt format. This can achieved using the "Change Volume Password" or "Set Header Key Derivation Algorithm" actions. "

So I tried both methods with my known-good TC container file, and in both cases the operations ended with a success message. BTW, I did not make use of the /hash switch -- I was not worried about speed; just wanted to see if things worked at all, and in the simplest way. Unfortunately, after using either method, when I then trying to open the now supposedly converted to VC container file, I had a ~complete~ system lockup an instant after clicking on "Mount". And when I say "complete", I mean so solid a lockup that ~nothing~ worked -- the mouse cursor froze, and even Ctrl-Alt-Del did nothing. I had to do a hard reset, something I was not happy about having to do.

So I suppose I am doing something wrong, but I have no idea what that might be.....

John
May 13, 2015 at 9:54 PM
Hello John,

Can you review the Windows Events Log for time your system froze to see if there are any errors near the time the system froze?

Where you able to mount the volume after your hard reset your PC?
May 14, 2015 at 12:49 AM
I received your message hours after the problems, but as far as I can see, there are two section within the events log which may pertain. Both are signified as red "error" labels, and they mention as source "UserEnv".

No , The same problem happened after the reboot. I am using some background AV utils which do not impact TrueCrypt, but maybe they impact VeraCrypt. Whne I get time, I try disabling them and see what happens.

John
May 15, 2015 at 3:23 PM
I tried everything again yesterday using the "Set Header Key Derivation Algorithm" method. VC reported that the operation was successful (as before), and that the old TC container should now be a VC container. Just in case, this operation was done with the AV software disabled. I then rebooted. After opening VC, setting a drive letter, choosing the container file name, etc., the instant that I clicked on "mount", the program froze along with everything else (frozen mouse, etc.).

I have now done all this 3-4 times, always with the same result. VC always works perfectly to mount the original TC container after selecting the "TrueCrypt Mode" -- my problem only appears after this file is converted to VC. One thing.... I don't know if this is significant, however after the container file has supposedly been converted to VC format, I have noticed that the file size and file creation date are totally unchanged. I expected that there might be some changes in these things, but maybe seeing none is totally normal?

John
May 15, 2015 at 4:34 PM
Edited May 15, 2015 at 8:12 PM
Are you using Symantec/Norton?

There are reported issues that Symantec is going to provide a fix with systems locking-up or BSOD issues.

Can you copy the file container to another PC with VeraCrypt installed to see if the volume will open without locking-up the system?

Also, did you install VeraCrypt software instead of extracting the files?
May 15, 2015 at 11:08 PM
No, I do not have any Symantec/Norton products here.

I did not install VeraCrypt -- I merely extracted the files as (if I recall correctly) I have always done with TrueCrypt. And VC works perfectly in this fashion, but only when mounting/dismounting TrueCrypt container files. That being said, my guess is that the conversion process is not working correctly here (even though VeraCrypt always claims success).

I might be able to run some tests on another PC, but this may be inconvenient -- let me see what I can do. However, even if that experiment did yield proper operation, getting it to work correctly on my main PC is my most important goal (really, my only goal).

John
Coordinator
May 15, 2015 at 11:23 PM
Did you try manually specifying the correct PRF in the password dialog?

When using, autodetection, VeraCrypt uses all CPU cores to optimize speed and this may seem to temporarily freeze your PC during the mount operation depending on your CPU ( on Core-i7 CPU it doesn't freeze but on others maybe). In all cases, there is no real freeze.
How long did you wait? What is the reference of your CPU? This may help calculate how long the autodetection should take for you.

I believe that you are not encountering a real freeze but just that the mount is too long for your CPU. That's why you should not use autodetection. But let's wait for your CPU reference to be sure.
May 16, 2015 at 12:57 PM
Edited May 16, 2015 at 12:58 PM
No, I have always used autodetection. Frankly, I am uncertain about the meaning of PRF, so I hope the user guide explains this well. Another factor is this TrueCrypt container file was made quite a while ago, so if I need to know the exact encryption parameters used to create it, I will need to try to find my old notes on this. Or is there a way to deduce these things after the fact?
Coordinator
May 16, 2015 at 1:06 PM
After the volume is mounted, you can find the associated PRF by displaying the volume properties (select it on the list and click the button "Volume Properties"). On the displayed dialog, look for the line that starts with "PKCS-5 PRF".
VeraCryptVolumePropertiesPrf

For your information, PRF is for "pseudo random function" and it is based on the hash algorithm used to derive the key from the password. Thus, the possible values for the PRF are: SHA-512, SHA-256, Whirlpool, RIPEMD-160.
May 17, 2015 at 4:39 PM
I found another PC to use for testing. The container file I had converted to VeraCrypt format on the old PC opened without problems on this other PC. In that case, I still used VeraCrypt in portable mode (in other words, I just extracted the files - no actual installation). Also, I did as suggested and did not use automatic detection. I found the PRF listing on the volume properties screen and used that (in my case, it showed "HMAC-SHA-512").

As far as I can tell, what I saw on the old PC after trying to mount the volume was truly a full and total lockup. The progress display instantly freezes, the mouse cursor will not move, and even if I wait for 10 minutes, absolutely nothing changes. At that point the only thing I can go to get out is to do a very ungraceful hard reset. The new test PC runs Win 7, and is fairly fast, while the old PC runs Win XP and is slow (don't recall the processor speed, however). Still, the old PC runs TrueCrypt perfectly in every way. All I can assume is VeraCrypt needs a faster computer, more RAM, or in some way more resources than TrueCrypt does.

John
Coordinator
May 17, 2015 at 5:16 PM
Thank you John for the update.

The only freeze reports received so far are linked to the use of Antivirus products (Symantec/Norton and Trend Micro). It would be interesting to know what CPU are you using in the old XP PC. VeraCrypt requires more CPU for the mounting but this should not freeze the machine completely.
Were you able to test on the old PC using the manual selection of the PRF instead of autodetection?
May 17, 2015 at 7:24 PM
The XP machine is ancient, but it still works for routine tasks -- mail checking, etc. It's probably a single core at less than 2 GHz, but still, it's more than adequate for TrueCrypt.

Yes, I did try the old PC without using Autodetection -- I used "HMAC-SHA-512" based on the information from Volume Properties. The symptoms were identical -- instant lockup. I have neither Symantec/Norton nor Trend Micro.

You said that VC needs more CPU for mounting than TC does -- any idea how much more? For that matter, what are the bare minimum system requirements for VC?

Bottom line: I believe I should give up on using VeraCrypt on this old PC -- the machine is probably just too antiquated, has too few resources, etc. Certainly it's way past time to retire the thing -- it's just that it is so otherwise rock solid and fully configured with so many programs, I hate to trash it. Everyone is familiar with the dilemma -- what to do with an old PC that is working fine..... (well, almost).