"Fossies" - the Fresh Open Source Software Archive

Member "doc/html/Authenticity and Integrity.html" (10 Oct 2018, 2942 Bytes) of package /windows/misc/VeraCrypt_1.23-Hotfix-2_Source.zip:

Caution: In this restricted "Fossies" environment the current HTML page may not be correctly presentated and may have some non-functional links. You can here alternatively try to browse the pure source code or just view or download the uninterpreted raw source code. If the rendering is insufficient you may try to find and view the page on the project site itself.


Documentation >> Security Requirements and Precautions >> Authenticity and Integrity

Authenticity and Integrity

VeraCrypt uses encryption to preserve the confidentiality of data it encrypts. VeraCrypt neither preserves nor verifies the integrity or authenticity of data it encrypts or decrypts. Hence, if you allow an adversary to modify data encrypted by VeraCrypt, he can set the value of any 16-byte block of the data to a random value or to a previous value, which he was able to obtain in the past. Note that the adversary cannot choose the value that you will obtain when VeraCrypt decrypts the modified block — the value will be random — unless the attacker restores an older version of the encrypted block, which he was able to obtain in the past. It is your responsibility to verify the integrity and authenticity of data encrypted or decrypted by VeraCrypt (for example, by using appropriate third-party software).

See also: Physical Security, Security Model