Slow Password Authentication

Topics: Technical Issues, Users Discussion
Oct 23, 2014 at 7:59 PM
So after installing Truecrypt (which I love because I am super paranoid) I chose the AES/Serpent/Twofish cascade encryption and after waiting 11 HOURS the drive was encrypted. Upon the reboot of my laptop I correctly entered my password and after 8 minutes of processing it booted. Is it slow because of the cascade encryption, or because of some problem? Any and all suggestions would be appreciated.
Coordinator
Oct 23, 2014 at 9:15 PM
The slowness in the boot after the password is entered (8 minutes) is not due to the use of the cascade algorithm but rather to the key derivation: it requires a lot of computation resources to ensure high security, and because of the limited resources of the boot environment it tends to take a long time on slow CPUs.
On the other hand, the 11 hours spent encrypting the drive would be greatly reduced if you choose AES only for example.

In VeraCrypt, we privilege security because CPUs are going faster year after year. So, unfortunately there is no solution to accelerate the boot apart from getting a faster CPU.

Concerning the boot performance, in the next version, we'll introduce the notion of "Security Level" where a user can choose between "High Security" (the current level of VeraCrypt), "Medium Security" which will be faster with reduced security and "Low Security" which will be very fast with an average security (10000 iterations of PBKDF2). This will be interesting for those with a slow CPU because they can choose the best security level that meets their constraints.

Here is a preview of what the boot loader will look like:
Image

Image
Oct 24, 2014 at 8:20 PM
Edited Oct 24, 2014 at 8:21 PM
Thanks. But now I have a new problem: I just shut down my laptop after the 11 hours, and now when I enter my password for VeraCrypt it takes me to a screen that says there is no installed operating system, and if it DOES boot Windows, it will not load past the login screen, it says "Welcome" and stays there forever. HELP!
Coordinator
Oct 25, 2014 at 6:58 AM
Just to better understand your issue: from your description, it appears that after you enter the password, sometimes Windows boots and sometimes you have an error message. Is this correct?

When you shut down your laptop, was the encryption already finished? If not, did you tell VeraCrypt to pause the encryption before shutting down?

Did you burn/backup the rescue disc created during the encryption process? As indicated by VeraCrypt message, the rescue disc is important to recover your data or boot your system if something goes wrong.
Oct 28, 2014 at 7:02 PM
Edited Oct 28, 2014 at 7:14 PM
It encrypted successfully, and I never shut it down during the encryption process for fear of messing it up, even with the defer option. And yes, sometimes it will (after a 5 minute password authentication) do one of three things: say no OS is installed, slowly boot Windows and freeze at the Welcome message, or launch HP's disk repair native help tool saying that there is a problem with my drive and I need to reformat. Also I have another question: since I am upgrading from a HDD to a SSD and I encrypted my entire HDD (690 GB) and my SSD is only 256 GB, if I used a tool to clone my original hard drive would it only clone my system partition, or would I have to decrypt, then clone my system partition? And would it make the encryption/decryption (start-up) faster?
Coordinator
Oct 29, 2014 at 11:19 AM
The fact that your system doesn't always behave the same way after entering the password indicates that either:
  • there is an incompatibility with the BIOS of your motherboard which makes the bootloader behave strangely.
  • there is a software component installed in Windows (probably a driver) that tries to access the drive in a non-standard way, bypassing the BIOS interrupt 13h which is used to intercept read/write operations.
Either way, it's not possible to find a solution without having the same hardware/software as you in order to do further debugging. Thus, the only way for now is to decrypt your partition using the rescue disk.

Can you give the reference of the motherboard and/or the PC you are using? It will be interesting for others who have the same hardware to check if they have the same issue. If it is confirmed, we will try to find a way to get a hand on this type of machine to investigate further.

Concerning the SSD usage, it doesn't affect encryption/decryption speed which is solely linked to CPU speed.

Concerning the cloning of encrypted drives, I don't have an answer but the safest approach is to clone the decrypted drive.
Oct 29, 2014 at 2:52 PM
Edited Oct 29, 2014 at 3:15 PM
Okay, thank you so much. As for my computer, it is a HP dv6-7029wm with the stock BIOS and A70M UMA MB motherboard. Thank you so much for all the help, I just hope one day it is compatible and I will be able to utilize all your hard work. Thanks.
Nov 26, 2014 at 1:02 PM
Edited Nov 26, 2014 at 1:06 PM
idrassi wrote:
The slowness in the boot after the password is entered (8 minutes) is not due to the use of the cascade algorithm but rather to the key derivation: it requires a lot of computation resources to ensure high security, and because of the limited resources of the boot environment it tends to take a long time on slow CPUs.
On the other hand, the 11 hours spent encrypting the drive would be greatly reduced if you choose AES only for example.

In VeraCrypt, we privilege security because CPUs are going faster year after year. So, unfortunately there is no solution to accelerate the boot apart from getting a faster CPU.

Concerning the boot performance, in the next version, we'll introduce the notion of "Security Level" where a user can choose between "High Security" (the current level of VeraCrypt), "Medium Security" which will be faster with reduced security and "Low Security" which will be very fast with an average security (10000 iterations of PBKDF2). This will be interesting for those with a slow CPU because they can choose the best security level that meets their constraints.

Here is a preview of what the boot loader will look like:
Image

Image
Hello idrassi,

Can you give me a period when the next version will be published? Because in the current beta version (1.0f beta), I can not find this function.

Greetings
RKSTCOM
Nov 26, 2014 at 1:18 PM
Edited Nov 26, 2014 at 1:19 PM
RKSTCOM,

You can see the features accepted and estimated times of implementation on the progress thread.

https://veracrypt.codeplex.com/discussions/572862
Dec 8, 2014 at 1:41 PM
Edited Dec 8, 2014 at 1:44 PM
Based on feedback, Mounir (idrassi) has decided not to proceed with low, medium or high security settings.

You can read his explanation in the links below.

Long boot times

Add Security Level Choices

Kind Regards,
Enigma2Illusion
Dec 12, 2014 at 12:35 PM
Is there now an official statement of the developers? I need this information urgently.

Will this function be implemented in the future or in the next version of Veracrypt?

best regards RKSTCOM
Dec 12, 2014 at 12:58 PM
I provided you with a link to answer your question.

https://veracrypt.codeplex.com/discussions/572862


If Mounir is not "official" enough for you, I don't know who else is. :)


The next features to be implemented:

Run cryptographic routines in 32-bit protected mode which will give full performances.

Apparently this will be included after the next release. So into 2015. Mounir works on his own on VeraCrypt while also holding down a full-time job. You could of course offer to pay him for a week's work on VeraCrypt which may speed things along.

During the meantime, if the inconvenience of having to wait for your computer to boot is too great for you then you have 2 options.


Buy better hardware.

Choose a less secure product like TrueCrypt.


Otherwise I suggest you do what I do, turn PC on, type password, sit back and enjoy the feeling of extra security and then start work.

VeraCrypt is the best WDE encryption product available, as with all good things, they take time :)
Dec 12, 2014 at 1:13 PM
Edited Dec 12, 2014 at 1:13 PM
yes, but there was already a pre-version of the security level. I assumed that this will be implemented soon...
Dec 12, 2014 at 1:19 PM
Yes, that's right there was. However Mounir said the following.
No and we don't think that this feature is going to be included after all. We had some exchanges about it with different users and it appears that it will add confusion about the real security level of VeraCrypt and it will also be a big departure from the spirit of TrueCrypt where all created volumes are assured of having the same level of security.

Moreover, as I always repeat, this delay affects only the boot time and not the performance once Windows is loaded, so it is worth waiting if you have really sensitive data that need this level of security.

A more important feature is to rewrite the bootloader in order to evade the limitation of the current 16-bit mode that makes the performance of the boot so poor. Once we have a 32-bit bootloader, the boot time will dramatically decrease without a need for decreasing the security of the encryption.
Dec 12, 2014 at 1:24 PM
ok, thx for your reply!
that's pretty bad :/
Dec 12, 2014 at 1:32 PM
You're welcome :)

It's "pretty bad" for speedy access to your files. It's pretty good for security though. :)

Unless you are concerned about 3 letter agencies I suggest you use a less secure product for now. Truecrypt is "good enough" for most people. If you use a very long password you should be fine.

When VeraCrypt has a 32-bit bootloader you could come back and enjoy the extra security offered by VeraCrypt. Hopefully this will be sometime in 2015.
Dec 26, 2014 at 11:55 AM
Hello, I've encrypted my SSD with the Beta 3 release but I can't change the security level. Is it supposed to be there because on the screenshot it is just the Beta and not the Beta Version 3. I'm a little bit confused.

I would also like to know if you can change the security level every time Windows boots. If so: What is the point in changing it? An attacker could choose "low" and brute force faster, right?
Coordinator
Dec 26, 2014 at 1:22 PM
As explained in the different answers above, the security level feature was dropped and it will not be present in official releases.

Moreover, your question concerning the change of security level is one of the reasons this feature was dropped, because some early feedback showed that it will cause confusion among the users about the security provided by VeraCrypt and that it was difficult to explain its usage.
Feb 27, 2015 at 2:35 AM
Hello,

Just registered here to express my point of view on the current implementation of the PRF and bootloader speed.

Currently I am using TrueCrypt for the encryption of my system partition and it does a good job, as far as I know, boots right a second after I put the good password.

I have tried VeraCrypt and it takes about one minute for the same task, although with a much higher number of iterations and better cryptography algorithm, which in my humble opinion is too much time.

Yet, for example, with regards to the file-containers the speed is much better. Takes about 10 seconds to mount one of them vs truecrypt which took 2 seconds, but with the increased security, it certainly pays off the extra 8 seconds.

So, for me, I still prefer using TrueCrypt for system encryption and storing any more sensitive information inside a VeraCrypt container, while enforcing a security policy with regards to wiping deleted data with another solution.

As far as I can understand, the delay in bootloader is due to cryptography operations being done in a 16bit environment, which in a 32bit environment the same kind of delay is negligible.

So, and please, add an option for some sort of middle-mode, not as secure as a paranoid VeraCrypt but still more secure than TrueCrypt.

My two cents.

Regards,
Jorge Silva
Feb 27, 2015 at 3:14 AM
Hello Jorge,

Mounir has plans to address this issue by updating the bootloader to use 32-bit and later 64-bit for 64-bit OS's. Also, if your password is 20 or greater characters, you can adjust the iteration count for the hash/PRF to a secure lower limit that Mounir will define. You can read about the lower iteration count at the link below.

http://tinyurl.com/kssfpvj
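
Added example (not part of the thread and not VeraCrypt's code): the trade-off discussed above, measured. It times one PBKDF2 derivation at several iteration counts, which is both the unlock delay and an attacker's cost per password guess, and expresses a higher count as equivalent bits of password entropy. HMAC-SHA512 as the PRF and the two larger iteration counts are assumptions; only 10000 comes from the thread.

```python
import hashlib
import math
import os
import time

# 10000 is the "Low Security" figure quoted in the thread; the other two
# counts are constructed values chosen only to show how the cost scales.
ITERATION_COUNTS = (10_000, 100_000, 300_000)

def derive_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Derive a 64-byte key with PBKDF2-HMAC-SHA512 (PRF choice is assumed)."""
    return hashlib.pbkdf2_hmac("sha512", password, salt, iterations, dklen=64)

def seconds_per_guess(iterations: int, repeats: int = 3) -> float:
    """Best-of-N wall time for one derivation, i.e. the cost of one guess."""
    salt = os.urandom(64)
    best = float("inf")
    for _ in range(repeats):
        start = time.perf_counter()
        derive_key(b"constructed sample passphrase", salt, iterations)
        best = min(best, time.perf_counter() - start)
    return best

def guesses_per_day(cost_seconds: float, cores: int = 1) -> float:
    """Upper bound on passwords testable per day at this per-guess cost."""
    return cores * 86_400 / cost_seconds

def bits_gained(iterations: int, baseline: int) -> float:
    """Password-entropy bits that raising the count from baseline is worth."""
    return math.log2(iterations / baseline)

def report() -> list:
    """One row per iteration count: (count, seconds/guess, guesses/day)."""
    rows = []
    for n in ITERATION_COUNTS:
        cost = seconds_per_guess(n)
        rows.append((n, cost, guesses_per_day(cost)))
    return rows

if __name__ == "__main__":
    for n, cost, per_day in report():
        gain = bits_gained(n, ITERATION_COUNTS[0])
        print(f"{n:>8} iterations: {cost * 1000:8.1f} ms/guess, "
              f"{per_day:12.0f} guesses/day/core, +{gain:.1f} bits vs 10000")
```

Doubling the iteration count adds one bit of attacker work, while each extra random alphanumeric character in the password adds about six, which is why password length keeps coming up in the replies.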