This project has moved. For the latest updates, please go here.

How urgent is it to change from truecrypt volumes to veracrypt

Topics: Users Discussion
Nov 13, 2015 at 9:39 PM
I have installed veracrypt and un-installed truecrypt.
I have created all new volumes with veracrypt.
How urgent is it to convert my legacy TC to VC volumes, I have some quite large volumes , tens of TB. These reside on replicated (unmounted), reasonably secure locations, with good physical access controls.
Do I need to update at once, or should I wait until convenient?

I apologise if this has already been covered.

Nov 14, 2015 at 2:33 AM
Edited Nov 14, 2015 at 3:49 AM

If your TrueCrypt volumes were created with TrueCrypt version 6.x or higher, you can use VeraCrypt to convert them quickly.

Be aware that VeraCrypt will take longer to mount the volume compared to TrueCrypt due to the higher iterations performed for the hash. For people who need faster mount times over security, you can adjust the PIM value.

You will have to decide for yourself the urgency of the issues. The recent TrueCrypt/VeraCrypt driver security issue is very serious. The two vulnerabilities are exploits of the TrueCrypt and VeraCrypt respective driver. No impact to the hash and encryption algorithms.

Upgrade to 1.16 version or higher version when released to prevent the exploits and deinstall TrueCrypt software.

Mounir provided his explanations in the article for CVE-2015-7358 (critical) and CVE-2015-7359.

Kind Regards.