From e59eb421fb21031353a30b0cf866a81efc0feaa4 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Sat, 18 Apr 2026 00:20:32 +0900 Subject: [PATCH] Linux/macOS: Implement missing Argon2 KDF support on Unix --- Translations/Language.ar.xml | 4 + Translations/Language.be.xml | 4 + Translations/Language.bg.xml | 4 + Translations/Language.ca.xml | 4 + Translations/Language.co.xml | 4 + Translations/Language.cs.xml | 4 + Translations/Language.da.xml | 4 + Translations/Language.de.xml | 4 + Translations/Language.el.xml | 4 + Translations/Language.es.xml | 4 + Translations/Language.et.xml | 4 + Translations/Language.eu.xml | 4 + Translations/Language.fa.xml | 4 + Translations/Language.fi.xml | 4 + Translations/Language.fr.xml | 4 + Translations/Language.he.xml | 4 + Translations/Language.hu.xml | 4 + Translations/Language.id.xml | 4 + Translations/Language.it.xml | 4 + Translations/Language.ja.xml | 4 + Translations/Language.ka.xml | 4 + Translations/Language.ko.xml | 4 + Translations/Language.lv.xml | 4 + Translations/Language.my.xml | 4 + Translations/Language.nb.xml | 4 + Translations/Language.nl.xml | 4 + Translations/Language.nn.xml | 4 + Translations/Language.pl.xml | 4 + Translations/Language.pt-br.xml | 4 + Translations/Language.ro.xml | 4 + Translations/Language.ru.xml | 4 + Translations/Language.sk.xml | 4 + Translations/Language.sl.xml | 4 + Translations/Language.sv.xml | 4 + Translations/Language.th.xml | 4 + Translations/Language.tr.xml | 4 + Translations/Language.uk.xml | 4 + Translations/Language.uz.xml | 4 + Translations/Language.vi.xml | 4 + Translations/Language.zh-cn.xml | 4 + Translations/Language.zh-hk.xml | 4 + Translations/Language.zh-tw.xml | 4 + .../Personal Iterations Multiplier (PIM).html | 10 +- src/Common/Common.rc | 2 +- src/Common/Crypto.h | 1 + src/Common/Language.xml | 8 +- src/Common/Password.c | 38 +++- src/Common/Pkcs5.c | 11 +- src/Common/Pkcs5.h | 2 +- src/Common/Random.c | 25 ++- src/Common/Random.h | 3 +- src/Core/Core.h | 10 +- src/Core/CoreBase.cpp | 8 +- src/Core/VolumeCreator.cpp | 8 +- src/ExpandVolume/ExpandVolume.rc | 2 +- src/Format/Format.rc | 4 +- src/Format/Tcformat.c | 22 ++- src/FormatDLL/VeraCryptFormatSDK.cpp | 2 +- src/FormatDLL/VeraCryptFormatSDK.h | 2 +- src/Main/CommandLineInterface.cpp | 63 +++---- src/Main/CommandLineInterface.h | 5 +- src/Main/Forms/BenchmarkDialog.cpp | 4 +- src/Main/Forms/ChangePasswordDialog.cpp | 173 ++++++++++++++---- .../Forms/EncryptionOptionsWizardPage.cpp | 20 +- src/Main/Forms/EncryptionOptionsWizardPage.h | 7 +- src/Main/Forms/MainFrame.cpp | 8 +- src/Main/Forms/VolumeCreationWizard.cpp | 26 ++- src/Main/Forms/VolumeCreationWizard.h | 2 +- src/Main/GraphicUserInterface.h | 2 +- src/Main/TextUserInterface.cpp | 107 +++++++---- src/Main/TextUserInterface.h | 2 +- src/Main/UserInterface.cpp | 12 +- src/Main/UserInterface.h | 2 +- src/Mount/Mount.c | 13 +- src/Mount/Mount.rc | 8 +- src/Volume/EncryptionTest.cpp | 146 ++++++++++++++- src/Volume/Pkcs5Kdf.cpp | 80 ++++++-- src/Volume/Pkcs5Kdf.h | 57 +++++- src/Volume/VolumeHeader.cpp | 9 +- src/Volume/VolumePassword.cpp | 1 + src/Volume/VolumePassword.h | 1 + 81 files changed, 848 insertions(+), 226 deletions(-) diff --git a/Translations/Language.ar.xml b/Translations/Language.ar.xml index e23cf321..17b791ef 100644 --- a/Translations/Language.ar.xml +++ b/Translations/Language.ar.xml @@ -644,10 +644,13 @@ ة الخاص بالقرص المخفي PIM الخاص بالنظام المخفي PIM PIM (مضاعف الدورات الشخصي) هو الرقم الذي يتحكم في عدد مرات التكرار المستخدم من مشتق مفتاح الترويسة كما يلي:\n الدورات Iterations = 15000 + (PIM x 1000).\n\nحينما تكون القيمة صفر أو فراغ, فيرا كربت سيستخدم القيمة(485) والتي تضمن أمانا عاليا.\n\nحينما يكون طول كلمة السر أقل من عشرين,أقل من 485 للمحافظة على مستوى الأمان PIM لا يمكن أن تكون قيمة.\nحينما تكون كلمة السر طولها أكثر من عشرين,أي شيء PIM فيمكن أن تكون قيمة.\n\nإذا كانت قيمة PIM أعلى من 485 فهذا يعني تحميلا أبطأ. إذا كانت قيمة PIM أقل من 485 فهذا يعني تحميلا أسرع ولكن أمان أقل إذا كانت كلمة السر غير قوية. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) مضاعف الدورات الشخصي) هو الرقم الذي يتحكم في عدد مرات التكرار المستخدم من مشتق مفتاح الترويسة كما يلي:\n الدورات Iterations = PIM x 2048.\n\nحينما تكون القيمة صفر أو فراغ, فيرا كربت سيستخدم القيمة(485) والتي تضمن أمانا عاليا.\n\nحينما يكون طول كلمة السر أقل من عشرين, PIM لا يمكن أن تكون قيمة أقل من 98 للمحافظة على مستوى الأمان.\nحينما تكون كلمة السر طولها أكثر من عشرين,أي شيء PIM فيمكن أن تكون قيمة.\n\n PIM إذا كانت قيمة أعلى من 98 فهذا يعني إقلاعا أبطأ. إذا كانت القيمة أقل من 98 فهذا يعني إقلاعا أسرع لكن أمان أقل إذا كانت كلمة السر غير قوية. تذكر الرقم لإقلاع النظام قمت باختيار قيمة PIM أعلى من القيمة الافتراضية له في فيراكربت.\nالرجاء ملاحظة أن هذا يؤدي لإبطاء عملية الإقلاع أو التحميل. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. قمت باختيار قيمة متدنية ل (PIM) وهي أدنى من القيمة الافتراضية له في فيراكربت. يرجى ملاحظة أنه إن لم تكن كلمة السر قوية فهذا يعني أمان أقل.\n\nهل تؤكد أنك تستخدم كلمة سر قوية? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? أكبر قيمة ل (PIM) لتشفير النظام هي 65535. قيمة PIM للقرص \n\nتحذير: وجدت ملفات مخفية في مسار ملف المفتاح. تلك الملفات المخفية لا تصلح كملف مفتاح. إذا كنت تريد استخدامهم كملف مفتاح, يرجى إزالة خاصية الإخفاء عنها (لضغط بالزر الأيمن عليها, اختر خصائص, أزل العلامة من أمام خاصية الإخفاء ثم اضغط زر نعم). ملاحظة: المفات المخفية تظهر إذا كانت خاصية الإخفاء بالكمبيوتر غير مفعلة (الكمبيوتر > ترتيب > 'خيارات المجلدات والبحث' > مشاهدة). @@ -1104,6 +1107,7 @@ هذه الخوارزمية ليست مدعومة لنمط تروكربت. PIM (مضاعف التكرار الشخصي) غير مدعوم لنمط تروكربت. كلمة السر لابد أن تزيد عن عشرين كي يمكن استخدام مضاعف التكرار الشخصي PIM.\nكلمات السر الأقصر يمكن استخدامها إذا كان مضاعف التكرار الشخصي PIM 485 أو أكثر. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. كلمة السر قبل الإقلاع لابد أن تكون 20 أو أكثر من أجل استخدام مضاعف التكرار الشخصي المحدد\nكلمات السر الأقصر يمكن استخدامها إذا كان مضاعف التكرار الشخصي 98 أو أكثر. ‮لا يمكن حاليا استخدام الملفات المفاتيح عند تعمية النظام. تنبيه: تعذَّر على ڤيراكربت استعادة النسق الأصلي للوحة المفاتيح مما قد يؤدي إلى أن تُدخلَ كلمة السر على نحو غير صحيح. diff --git a/Translations/Language.be.xml b/Translations/Language.be.xml index 2922d250..629722f0 100644 --- a/Translations/Language.be.xml +++ b/Translations/Language.be.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/Translations/Language.bg.xml b/Translations/Language.bg.xml index b8b0a498..89be4cc6 100644 --- a/Translations/Language.bg.xml +++ b/Translations/Language.bg.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. За сега ключ-файлове не се поддържат за системно криптиране. Внимание: VeraCrypt не може да възстанови оригиналната подредба на клавиатурата. Заради това може да въведете някоя парола грешно. diff --git a/Translations/Language.ca.xml b/Translations/Language.ca.xml index 8b9ba7df..73bdfaa8 100644 --- a/Translations/Language.ca.xml +++ b/Translations/Language.ca.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Els fitxers de claus no estan suportats per al xifrat del sistema. ATENCIÓ: El VeraCrypt no ha pogut restaurar la disposició de teclat orignal. Això pot provocar que introdueixi la contrasenya incorrectament. diff --git a/Translations/Language.co.xml b/Translations/Language.co.xml index 4962e8f4..ed13e43c 100644 --- a/Translations/Language.co.xml +++ b/Translations/Language.co.xml @@ -664,10 +664,13 @@ Information about Corsican localization: PIM di u vulume piattatu PIM per u sistema operatoriu piattatu PIM (Multiplicatore d’Iterazioni Persunali) hè u valore chì cuntrolleghja u contu d’iterazioni impiegate da a derivazione di a chjave d’intestatura cusì :\n Iterazioni = 15000 + (PIM x 1000).\n\nQuandu u campu hè viotu o definitu à 0, VeraCrypt impiegheghja un valore predefinitu (485) chì assicureghja un altu livellu di sicurità.\n\nQuandu a parolla d’intesa hè menu longa chè 20 caratteri, u valore PIM ùn pò micca esse più chjucu chè 485 per mantene un livellu minimu di sicurità.\nQuandu a parolla d’intesa hè omancu di 20 caratteri, u PIM pò esse definitu à un qualunque valore.\n\nUn valore PIM più maiò chè 485 aumenterà a durata di muntatura. Un chjucu valore PIM (menu chè 485) riducerà a durata di muntatura ma què pò riduce a sicurità s’è a parolla d’intesa ùn hè abbastanza forta. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Multiplicatore d’Iterazioni Persunali) hè u valore chì cuntrolleghja u contu d’iterazioni impiegate da a derivazione di a chjave d’intestatura cusì :\n Iterazioni = PIM x 2048.\n\nQuandu u campu hè viotu o definitu à 0, VeraCrypt impiegheghja un valore predefinitu chì assicureghja un altu livellu di sicurità.\n\nQuandu a parolla d’intesa hè menu longa chè 20 caratteri, u valore PIM ùn pò micca esse più chjucu chè 98 per mantene un livellu minimu di sicurità.\nQuandu a parolla d’intesa hè omancu di 20 caratteri, u PIM pò esse definitu à un qualunque valore.\n\nUn valore PIM più maiò chè 98 aumenterà a durata di a piccera. Un chjucu valore PIM (menu chè 98) riducerà a durata di a piccera ma què pò riduce a sicurità s’è a parolla d’intesa ùn hè abbastanza forta. Arricurdassi di u numeru per piccià u sistema Avete sceltu un valore PIM più maiò chè u valore predefinitu di VeraCrypt.\nSappiate chì què pò aumentà a durata di a muntatura o di a piccera. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Avete sceltu un valore PIM (Multiplicatore d’Iterazioni Persunali) chì hè più chjucu chè u valore predefinitu di VeraCrypt. Sappiate chì, s’è a vostra parolla d’intesa ùn hè abbastanza forta, què pò riduce u livellu di sicurità.\n\nCunfirmate chì vò impiegate una parolla d’intesa forta ? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? U valore massimu di u multiplicatore d’iterazioni persunali (PIM) per a cifratura di u sistema hè 65535. PIM di u vulume \n\nAVERTIMENTU : Qualchì schedariu piattatu hè statu trovu in u chjassu di ricerca di u schedariu chjave. Un tale schedariu piattatu ùn pò micca esse impiegatu cum’è schedarii chjave. S’ella hè bisognu à impiegallu cum’è schedarii chjave, cacciate u so attributu « Piattatu » (cliccu dirittu nant’à u schedariu eppò selezziunate « Pruprietà », cacciate l¹ozzione « Piattatu », è cliccu nant’à « Vai »). Nota : I schedarii piattati sò videvule solu s’è l’ozzione currispondente hè attiva (Urdinatore > Organizà > Cartulare è ozzioni di ricerca > Vista). @@ -1124,6 +1127,7 @@ Information about Corsican localization: Sta cudificazione ùn hè micca accettata per u modu TrueCrypt. U PIM (valore massimu di u multiplicatore d’iterazioni persunali) ùn hè micca accettatu per u modu TrueCrypt. A parolla d’intesa deve cuntene omancu 20 caratteri per pudè impiegà u valore PIM specificatu.\nE parolle d’intesa più corte ponu solu esse impiegate s’è u PIM hè uguale à 485 o superiore. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. A parolla d’intesa d’autenticazione di prepiccera deve cuntene omancu 20 caratteri per pudè impiegà u valore PIM specificatu.\nE parolle d’intesa più corte ponu solu esse impiegate s’è u PIM hè uguale à 98 o superiore. I schedarii chjave ùn sò micca accettati attualmente per a cifratura di u sistema. Avertimentu : VeraCrypt ùn hà micca pussutu risturà a dispusizione d’origine di a tastera. Què vi pò impedisce di stampittà currettamente a parolla d’intesa. diff --git a/Translations/Language.cs.xml b/Translations/Language.cs.xml index c7a9eaf8..c55cd387 100644 --- a/Translations/Language.cs.xml +++ b/Translations/Language.cs.xml @@ -644,10 +644,13 @@ Skrytý svazek PIM PIM pro skrytý operační systém PIM je hodnota, která reguluje počet iterací použitých v odvozenině hlavičky klíče, jako např.:\n Iterace = 15000 + (PIM x 1000).\n\nZanecháte-li prázdné, nebo nastavíte 0, VeraCrypt použije výchozí hodnotu (485), která zaručuje vysokou bezpečnost.\n\nJe-li heslo kratší než 20 znaků, PIM nesmí být menší než 485, aby byla zachována alespoň minimální úroveň zabezpečení.\nMá-li heslo minimálně 20 znaků, PIM může obsahovat jakoukoliv hodnotu.\n\nHodnota PIM větší než 485 bude mít za následek pomalejší připojení. Malá hodnota PIM (menší než 485) povede k rychlejšímu připojení, ale bude omezeno zabezpečení, není-li heslo dostatečně silné. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM je hodnota, která reguluje počet iterací použitých odvozením hlavičky klíče, jako např.:\n Iterace = PIM x 2048.\n\nZanecháte-li prázdné, nebo nastavíte 0, VeraCrypt použije výchozí hodnotu, která zajistí vysoké zabezpečení.\n\nJe-li heslo kratší než 20 znaků, PIM nesmí být menší než 98 aby byla zachována alespoň minimální úroveň zabezpečení.\nMá-li heslo minimálně 20 znaků, PIM může obsahovat jakoukoliv hodnotu.\n\nHodnota PIM větší než 98 bude mít za následek pomalejší zavádění systému. Malá hodnota PIM (menší než 98) povede k rychlejšímu připojení, ale bude omezeno zabezpečení, není-li heslo dostatečně silné. Zapamatovat si číslo pro zavedení systému Byla vybrána hodnota PIM, která je větší než výchozí hodnota VeraCryptu.\nUvědomte si, že to povede k pomalejšímu připojení/zavedení systému. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Byla vybrána hodnota PIM, která je menší než výchozí hodnota VeraCryptu. Uvědomte si, že není-li vaše heslo dostatečně silné, povede to ke slabšímu zabezpečení.\n\nOpravdu si myslíte, že používáte silné heslo? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Maximální hodnota (PIM) pro systémové zašifrování je 65535. Svazek PIM \n\nUPOZORNĚNÍ: v cestě k souborovým klíčům byl nalezen skrytý soubor/y. Tyto skryté soubory nemohou být použity jako souborové klíče. Potřebujete-li je použít jako souborové klíče, změňte jejich vlastnost „Skrytý” (pravým tlačítkem myši na něj klikněte, vyberte „Vlastnosti”, odškrtněte „Skrytý” a potvrďte „OK”). Poznámka: skryté soubory jsou viditelné jen tehdy, je-li daná volba zapnuta („Ovládací panely > Možnosti složky > Zobrazit”). @@ -1104,6 +1107,7 @@ Tento algoritmus není podporován v režimu TrueCrypt. PIM není podporován v režimu TrueCrypt. Za účelem použití zadaného PIM musí heslo obsahovat minimálně 20 znaků.\nKratší hesla mohou být použita jen je-li PIM minimálně 485. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Za účelem použití zadaného PIM musí heslo pro ověření obsahovat minimálně 20 znaků.\nKratší hesla mohou být použita jen je-li PIM minimálně 98. Souborové klíče aktuálně nejsou podporovány pro šifrování systémů. UPOZORNĚNÍ: VeraCrypt nemohl obnovit původní nastavení klávesnice. To může způsobit, že heslo bude zadáno nesprávně. diff --git a/Translations/Language.da.xml b/Translations/Language.da.xml index 0d10866e..126df94a 100644 --- a/Translations/Language.da.xml +++ b/Translations/Language.da.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Advarsel: VeraCrypt kunne ikke gendanne det originale keyboard layout. Dette kan medføre at du indtaster et kodeord ukorrekt. diff --git a/Translations/Language.de.xml b/Translations/Language.de.xml index 7391574c..8ad41169 100644 --- a/Translations/Language.de.xml +++ b/Translations/Language.de.xml @@ -647,10 +647,13 @@ PIM des verste ckten Volumes PIM für verstecktes Betriebssystem Der PIM (Persönlicher Iterationsmultiplikator) ist ein Wert, der die Anzahl der Iterationen für die Kopfdatenschlüsselableitung wie folgt steuert:\n Iterationen = 15000 + (PIM x 1000).\n\nWird der Wert leer gelassen oder auf 0 gesetzt, benutzt VeraCrypt einen Standardwert (485), der hohe Sicherheit gewährleistet.\n\nWenn das Passwort weniger als 20 Zeichen hat, kann der PIM nicht kleiner als 485 sein, um ein minimales Sicherheitslevel zu gewährleisten.\nWenn das Passwort 20 Zeichen oder mehr hat, kann der PIM beliebig gesetzt werden.\nEin PIM-Wert größer als 485 verlangsamt das Einhängen. Ein niedriger PIM-Wert (kleiner als 485) beschleunigt das Einhängen, kann aber die Sicherheit verringern, wenn ein zu schwaches Passwort gewählt wurde. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. Der PIM (Persönlicher Iterationsmultiplikator) ist ein Wert, der die Anzahl der Iterationen für die Kopfdatenschlüsselableitung wie folgt steuert:\n Iterationen = PIM x 2048.\n\nWird der Wert leer gelassen oder auf 0 gesetzt, benutzt VeraCrypt einen Standardwert, der hohe Sicherheit gewährleistet.\n\nWenn das Passwort weniger als 20 Zeichen hat, kann der PIM nicht kleiner als 98 sein, um ein minimales Sicherheitslevel zu gewährleisten.\nWenn das Passwort 20 Zeichen oder mehr hat, kann der PIM beliebig gesetzt werden.\nEin PIM-Wert größer als 98 verlangsamt den Bootvorgang. Ein niedriger PIM-Wert (kleiner als 98) beschleunigt den Bootvorgang, kann aber die Sicherheit verringern, wenn ein zu schwaches Passwort gewählt wurde. MERKEN! Für Bootvorgang Der gewählte PIM-Wert ist größer als der VeraCrypt-Standardwert.\nBitte beachten Sie, dass dies den Einhänge- bzw. Bootvorgang erheblich verlangsamt. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Der gewählte PIM-Wert (Persönlicher Iterationsmultiplikator) ist kleiner als der VeraCrypt-Standardwert.\nBitte beachten Sie, dass dies die Sicherheit verringern kann, wenn ein zu schwaches Passwort gewählt wurde!\n\nBestätigen Sie, dass Sie ein starkes Passwort gewählt haben? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Der größtmögliche Wert für den PIM (Persönlicher Iterationsmultiplikator) ist 65535. Volume-PIM \n\nWARNUNG: Versteckte Dateien wurden im Suchpfad gefunden. Diese versteckten Dateien können nicht als Schlüsseldateien verwendet werden. Wenn Sie diese Dateien als Schlüsseldateien verwenden möchten, müssen Sie das Attribut „Versteckt“ entfernen (Rechtsklick auf die Datei, „Eigenschaften“ wählen, „Versteckt“ abwählen, „OK“ klicken). Hinweis: Versteckte Dateien sind nur sichtbar, wenn die entsprechende Option im Explorer aktiviert ist („Datei“ > „Ordner- und Suchoptionen ändern“ > „Ansicht“). @@ -1107,6 +1110,7 @@ Dieser Algorithmus ist im TrueCrypt-Modus nicht vorhanden. PIM (Persönlicher Iterationsmultiplikator) wird nicht im TrueCrypt-Modus unterstützt. Das Passwort muss 20 oder mehr Zeichen haben, um den festgelegten PIM verwenden zu können.\nKürzere Passwörter können nur verwendet werden, wenn der PIM-Wert 485 oder größer ist. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Das Pre-Boot-Authentifikationspasswort muss 20 oder mehr Zeichen haben, um den festgelegten PIM verwenden zu können.\nKürzere Passwörter können nur verwendet werden, wenn der PIM-Wert 98 oder größer ist. Schlüsseldateien werden derzeit nicht für die Systemverschlüsselung unterstützt. WARNUNG: VeraCrypt konnte die ursprüngliche Tastaturbelegung nicht wiederherstellen. Dadurch könnten Sie das Passwort falsch eingeben. diff --git a/Translations/Language.el.xml b/Translations/Language.el.xml index 4047ed1d..01b31410 100644 --- a/Translations/Language.el.xml +++ b/Translations/Language.el.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Προειδοποίηση: Το VeraCrypt δεν μπόρεσε να επαναφέρει την αρχική διάταξη του πληκτρολογίου. Αυτό μπορεί να προκαλέσει εσφαλμένη εισαγωγή κωδικού. diff --git a/Translations/Language.es.xml b/Translations/Language.es.xml index 24b910d0..276662de 100644 --- a/Translations/Language.es.xml +++ b/Translations/Language.es.xml @@ -644,10 +644,13 @@ PIM Oculto del Volumen PIM para el Sistema Operativo Oculto PIM (Personal Iterations Multiplier) es un valor que controla el número de iteraciones usado por la derivación de la llave de cabecera de la siguiente forma:\n Iteraciones = 15000 + (PIM x 1000).\n\nCuando se deja en blanco o se pone a 0, VeraCrypt usará el valor predeterminado (485) que proporciona una elevada seguridad.\n\nCuando la contraseña es de menos de 20 caracteres, PIM puede ser menor de 485 con el fin de mantener un nivel de seguridad mínimo.\nCuando la contraseña es de 20 ó más caracteres, se puede usar cualquier valor de PIM.\n\nUn valor de PIM superior a 485 conllevará un proceso de montaje más lento. Un valor de PIM (menor de 485) conllevará un proceso de montaje más rápido, pero podría reducir la seguridad si la contraseña no es suficientemente fuerte. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) es un valor que controla el número de iteraciones usado por la derivación de la clave de cabecera de la siguiente forma:\n Iteraciones = PIM x 2048.\n\nCuando se deja en blanco o se pone a 0, VeraCrypt usuará un valor por defecto que proporciona una elevada seguridad.\n\nCuando la contraseña es inferior a los 20 caracteres, PIM no puede ser inferior a 98 a fin de mantener un nivel de seguridad mínimo.\nCuando la contraseña supera los 20 caracteres o más, se puede usar cualquier valor de PIM.\n\nUn PIM superior a 98 conllevará un proceso de arranque más lento. Un valor pequeño de PIM (menor de 98) llevará consigo un proceso de arranque más rápido, pero podría reducir la seguridad si la contraseña no es suficientemente fuerte. Recordar Número para Sistema de Arranque Puede elegir un valor de PIM superior al valor por defecto de VeraCrypt.\nPor favor, sea consciente que ello conllevará un arranque/montaje mucho más lento. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Ha elegido un Multiplicador de Iteraciones Personal (Personal Iterations Multiplier - PIM) que es mucho menor que el que proporciona VeraCrypt por defecto. Por favor, sea consciente que si su contraseña no es lo suficientemente fuerte, podría ver reducido el nivel de seguridad.\n\n¿Está seguro que usa una contraseña fuerte? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? El valor máximo del Multiplicador de Iteraciones Personal (Personal Iterations Multiplier - PIM) para un sistema de cifrado es de 65535. PIM de Volumen \n\nAVISO: Se han encontrado archivos ocultos en una ruta de búsqueda de archivos-llave. Estos archivos no pueden ser usados como archivos-llave. Si necesita usarlos como archivos-llave, elimine su atributo 'Oculto' (clic derecho en cada uno, seleccione 'Propiedades', desmarque 'Oculto' y pulse Aceptar). Nota: Los archivos ocultos sólo son visibles si la opción correspondiente está activada (Equipo > Organizar > 'Opciones de carpeta y búsqueda' > Ver). @@ -1104,6 +1107,7 @@ Este algoritmo no está soportado para modo TrueCrypt Multiplicador de Iteraciones Personal (Personal Iterations Multiplier - PIM) no soportado para modo TrueCrypt. La contraseña debe contener 20 caracteres o más para usar el PIM especificado.\nSólo se pueden usar contraseñas de menor longitud si el PIM es 485 ó más. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. La contraseña de autenticación de pre-arranque debe contener 20 caracteres o más para usar el PIM especificado.\nSólo se puede usar contraseñas de menor longitud si el PIM es 98 ó más. Los archivos-llave no están soportados actualmente para el cifrado del sistema. AVISO: VeraCrypt no pudo restaurar la disposición de teclado original. Esto puede hacer que ud. introduzca incorrectamente la contraseña. diff --git a/Translations/Language.et.xml b/Translations/Language.et.xml index 2a5f1cfc..f75d08f4 100644 --- a/Translations/Language.et.xml +++ b/Translations/Language.et.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/Translations/Language.eu.xml b/Translations/Language.eu.xml index 6edccea1..af42a9d6 100644 --- a/Translations/Language.eu.xml +++ b/Translations/Language.eu.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nKONTUZ: Ezkutuko fitxategiak aurkitu dira gako-fitxategiak bilatzeko helbidean. Honako ezkutuko fitxategiak ezin dira gako-fitxategi moduan erabili. Gako-fitxategi moduan erabili nahi badituzu, 'Ezkututa' ezaugarria kendu iezaiezu (eskubiko klik egin, 'Ezaugarriak' aukeratu, 'Ezkututa' marka kendu eta 'Ados' sakatu). Oharra: Ezkutuko fitxategiak hori egiteko aukera gaituta badago bakarrik ikus daitezke (Ordenagailua > Kudeatu > Karpeta eta Bilaketa Aukerak > Ikusi). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Momentuz ezin dira gako-fitxategiak erabili sistema zifratzeko. Kontuz: VeraCrypt-ek ezin izan du teklatua diseinu originaera leheneratu. Honek pasahitza gaizki sartzea ekar dezake. diff --git a/Translations/Language.fa.xml b/Translations/Language.fa.xml index 975c4789..ddb22d57 100644 --- a/Translations/Language.fa.xml +++ b/Translations/Language.fa.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/Translations/Language.fi.xml b/Translations/Language.fi.xml index b9de3dca..c8846f9a 100644 --- a/Translations/Language.fi.xml +++ b/Translations/Language.fi.xml @@ -644,10 +644,13 @@ Piilotetun taltion PIM Piilotetun käyttöjärjestelmän PIM PIM (henkilökohtainen iteraatiokerroin) on arvo, joka määrää otsikkoavaimen johtamisalgoritmin käyttämien iterointien lukumäärän seuraavasti:\n Iteraatiot = 15000 + (PIM x 1000).\n\nKun jätetty tyhjäksi tai 0, VeraCrypt käyttää oletusarvoa (485) mikä takaa korkean turvallisuuden.\n\nKun salasana on alle 20 merkkiä, PIM ei voi olla pienempi kuin 485, jotta alin turvallisuustaso säilytetään.\nKun salasana on 20 merkkiä tai pidempi, PIM:lle voidaan asettaa mikä tahansa arvo.\n\nJos PIM arvo on suurempi kuin arvo 485, se johtaa hitaampaan taltion liittämiseen. Pieni PIM arvo (pienempi kuin 485) johtaa nopeaan liittämiseen, mutta voi heikentää turvallisuutta mikäli salasana ei ole tarpeeksi vahva. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (henkilökohtainen iteraatiokerroin) on arvo, joka määrää otsikkoavaimen johtamisalgoritmin käyttämien iterointien lukumäärän seuraavasti:\n Iteraatiot = PIM x 2048.\n\nKun jätetty tyhjäksi tai 0, VeraCrypt käyttää oletusarvoa mikä takaa korkean turvallisuuden.\n\nKun salasana on alle 20 merkkiä, PIM ei voi olla pienempi kuin 98 vähimmäisen turvallisuuden säilyttämiseksi.\nKun salasana on vähintään 20 merkkiä, PIM:lle voidaan asettaa mikä tahansa arvo.\n\nPIM-luku joka ylittää arvon 98 johtaa hitaampaan käynnistykseen. Pienempi PIM-luku (alle 98) johtaa nopeampaan käynnistykseen, mutta se voi heikentää turvallisuutta mikäli salasana ei ole tarpeeksi vahva. Muista luku jotta voit käynnistää järjestelmän Olet valinnut PIM-arvon, joka on suurempi kuin VeraCryptin oletusarvo.\nHuomioi, että tämä johtaa paljon hitaampaan liittämiseen tai käynnistymiseen. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Olet valinnut henkilökohtaisen iteraatiokertoimen (PIM), joka on pienempi kuin VeraCryptin oletusarvo. Huomioi, että jos salasanasi ei ole tarpeeksi vahva, tämä voi heikentää tietoturvaa.\n\nVoitko vahvistaa, että käytät varmasti vahvaa salasanaa? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Suurin mahdollinen arvo henkilökohtaiselle iteraatiokertoimelle (PIM) on 65535. Taltion PIM \n\nVAROITUS: Avaintiedostojen polulta löytyy piilotettuja tiedostoja. Tällaisia piilotettuja tiedostoja ei voida käyttää avaintiedostoina. Jos haluat käyttää niitä avaintiedostoina, poista niiden piilotettu attribuutti (napsauta niitä hiiren kakkospainikkeella, valitse 'Ominaisuudet', poista 'Piilotettu' ja napsauta OK). Huomaa: Piilotetut tiedostot ovat näkyvissä vain, jos seuraava asetus on käytössä (Tietokone > Järjestä > 'Kansio ja hakuvalinnat' > View). @@ -1104,6 +1107,7 @@ Tämä algoritmi ei ole tuettuna TrueCrypt-tilassa. PIM (henkilökohtainen iteraatiokerroin) ei ole tuettu TrueCrypt-tilassa. Salasanassa on oltava vähintään 20 merkkiä määritellyn PIM:n käyttämiseksi.\nLyhyempiä salasanoja voidaan käyttää vain, jos PIM on 485 tai suurempi. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Esikäynnistys varmistus Salasanan on sisällettävä 20 tai useampia merkkejä määritetyn PIM:n käyttämiseksi.\nLyhyempiä salasanoja voidaan käyttää vain, jos PIM on 98 tai suurempi. Avaintiedostot eivät ole nykyisin tuettuna järjestelmän salaukselle. Varoitus: VeraCrypt-ohjelma ei voi palauttaa alkuperäistä näppäimistön ulkoasua. Tämä saattaa johtaa sinun antamasta väärästä salasanasta. diff --git a/Translations/Language.fr.xml b/Translations/Language.fr.xml index 26d3fdec..356a7d11 100644 --- a/Translations/Language.fr.xml +++ b/Translations/Language.fr.xml @@ -644,10 +644,13 @@ PIM du volume caché PIM du système d’exploitation caché PIM (Personal Iterations Multiplier) est une valeur qui contrôle le nombre d’itérations utilisées par la dérivation de clé d’en-tête du volume et cela comme suit:\n Nombre d’itérations = 15000 + (PIM x 1000)\n\nLorsque ce champs est laissé vide ou définie à 0, VeraCrypt utilisera une valeur par défaut (485) qui assurera un haut niveau de sécurité.\n\nLorsque le mot de passe est inférieure à 20 caractères, le PIM ne peut pas être inférieure à 485 afin de maintenir un niveau de sécurité minimale.\nLorsque le mot de passe contient 20 caractères ou plus, le PIM peut être mis à une valeur quelconque.\n\nUn PIM supérieur à 485 aboutira à une durée de montage plus longue. Une valeur de PIM petite (moins de 485) conduira à un montage plus rapide mais cela peut réduire la sécurité si le mot de passe n’est pas assez fort. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) est une valeur qui contrôle le nombre d’itérations utilisées par la dérivation de clé d’en-tête du volume et cela comme suit:\n Nombre d’itérations = PIM x 2048\n\nLorsque ce champs est laissé vide ou définie à 0, VeraCrypt utilisera une valeur par défaut qui assurera un haut niveau de sécurité.\n\nLorsque le mot de passe est inférieure à 20 caractères, le PIM ne peut pas être inférieure à 98 afin de maintenir un niveau de sécurité minimale.\nLorsque le mot de passe contient 20 caractères ou plus, le PIM peut être mis à une valeur quelconque.\n\nUn PIM supérieur à 98 aboutira à un préamorçage plus lent du système. Une valeur de PIM petite (moins de 98) conduira à un préamorçage plus rapide mais cela peut réduire la sécurité si le mot de passe n’est pas assez fort. Veuillez mémoriser cette valeur Vous avez choisi une valeur de PIM plus grande que la valeur par défaut de VeraCrypt.\nVeuillez noter que cela conduira à une durée plus longue pour le montage/préamorçage. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Vous avez choisi une valeur de PIM qui est inférieure à la valeur par défaut de VeraCrypt. Veuillez noter que si votre mot de passe n’est pas assez fort, cela pourrait conduire à une réduction du niveau de sécurité.\n\nEst-ce que vous confirmez que vous utilisez un mot de passe fort? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? La valeur maximale du PIM pour le chiffrement système est 65535. PIM du volume \n\nAVERTISSEMENT : Les fichiers cachés ont été trouvés dans un chemin de recherche de fichier de clé. De tels fichiers cachés ne peuvent pas être utilisés comme fichiers clés. Si vous avez besoin de les utiliser comme fichiers clés, enlever leur attribut « Caché » (cliquez-droit sur chacun d’eux, sélectionnez « Propriétés », décochez la case « Caché » et cliquez sur OK). Remarque : Les fichiers cachés sont visibles uniquement si l’option correspondante est activée (Options de dossier > Affichage). @@ -1104,6 +1107,7 @@ Cet algorithme n’est pas supporté pour le mode TrueCrypt. Le PIM n’est pas supporté pour le mode TrueCrypt. Mot de passe doit contenir au moins 20 caractères pour pouvoir utiliser cette valeur de PIM.\nLes mots de passe plus courts ne peuvent être utilisés que si la PIM est égal à 485 ou supérieur. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Le mot de passe de préamorçage doit contenir au moins 20 caractères pour pouvoir utiliser cette valeur de PIM.\nLes mots de passe plus courts ne peuvent être utilisés que si la PIM est égal à 98 ou supérieur. Les fichiers clés ne sont actuellement pas pris en charge pour le chiffrement du système. Avertissement : VeraCrypt n’a pas pu restaurer la disposition originale du clavier. Cela peut vous faire saisir votre mot de passe de manière erronée . diff --git a/Translations/Language.he.xml b/Translations/Language.he.xml index 33888ec1..03801870 100644 --- a/Translations/Language.he.xml +++ b/Translations/Language.he.xml @@ -644,10 +644,13 @@ אמצעי אחסון נסתר PIM PIM למערכת הפעלה נסתרת PIM (מכפיל איטרציות אישיות) הוא ערך השולט במספר האיטרציות המשמשות את גזירת מפתח הכותרת באופן הבא: \n איטרציות = 15000+ (PIM x 1000). \n \n כאשר הוא נשאר ריק או מוגדר כ- 0, VeraCrypt ישתמשערך ברירת מחדל (485) המבטיח אבטחה גבוהה. \n \n כאשר הסיסמה קטנה מ -20 תווים, PIM לא יכול להיות קטן מ- 485 על מנת לשמור על רמת אבטחה מינימלית. \n כאשר הסיסמה היא 20 תווים ומעלה, ניתן להגדיר PIM לכל ערך. \n \n ערך PIM גדול מ- 485 יוביל לטעינה איטית יותר.ערך PIM קטן (פחות מ- 485) יוביל לטעינה מהירה יותר אך הוא יכול להפחית את האבטחה אם הסיסמה אינה חזקה מספיק. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (מכפיל איטרציות אישיות) הוא ערך השולט במספר האיטרציות המשמשות את גזירת מפתח הכותרת באופן הבא: \n איטרציות = PIM x 2048. \n \n כאשר הוא נשאר ריק או מוגדר כ- 0, VeraCrypt ישתמש בערך ברירת מחדלמבטיח אבטחה גבוהה. \n \n כאשר הסיסמה קטנה מ -20 תווים, PIM לא יכול להיות קטן מ- 98 על מנת לשמור על רמת אבטחה מינימלית. \n כאשר הסיסמה היא 20 תווים או יותר, ניתן להגדיר PIM לכלערך. \n \n ערך PIM גדול מ- 98 יוביל לאתחול איטי יותר.ערך PIM קטן (פחות מ 98) יוביל לאתחול מהיר יותר אך הוא יכול להפחית את האבטחה אם הסיסמה אינה חזקה מספיק. זכור את מספר למערכת האתחול בחרת ערך PIM שגדול מערך ברירת המחדל של VeraCrypt. \n שים לב שהדבר יוביל לטעינה / אתחול איטית בהרבה. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. בחרת במכפיל איטרציות אישי (PIM) שהוא קטן מערך ברירת המחדל של VeraCrypt.שים לב שאם הסיסמה שלך לא מספיק חזקה, זה יכול להוביל לאבטחה חלשה יותר. \n \n האם אתה מאשר שאתה משתמש בסיסמה חזקה? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? הערך המרבי של מכפיל איטרציות (PIM) להצפנת המערכת הוא 65535. אמצעי אחסון PIM \n \n אזהרה: קבצים מוסתרים נמצאו בנתיב חיפוש מפתחות.לא ניתן להשתמש בקבצים מוסתרים כאלה כקובצי מפתח.אם עליך להשתמש בהם כקובצי מפתח, הסר את מאפיין 'מוסתר' (לחץ באמצעות לחצן העכבר הימני על כל אחד מהם, בחר 'מאפיינים', בטל את הסימון של 'מוסתר' ולחץ על אישור).הערה: קבצים מוסתרים גלויים רק אם האפשרות המתאימה מופעלת (מחשב> ארגן> 'אפשרויות תיקייה וחיפוש'> תצוגה). @@ -1104,6 +1107,7 @@ אלגוריתם זה אינו נתמך במצב TrueCrypt. PIM (מכפיל איטרציות אישי) אינו נתמך במצב TrueCrypt. על הסיסמה להכיל 20 תווים או יותר על מנת להשתמש ב- PIM שצוין. \n ניתן להשתמש בסיסמאות קורט רק אם ה- PIM הוא 485 ומעלה. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. אימות טרום אתחול סיסמה חייבת להכיל 20 תווים או יותר על מנת להשתמש ב- PIM שצוין. \n ניתן להשתמש בסיסמאות קורט רק אם ה- PIM הוא 98 ומעלה. כרגע אין תמיכה בקובצי מפתח להצפנת המערכת. אזהרה: VeraCrypt לא הצליח לשחזר את פריסת המקלדת המקורית.זה עלול לגרום לך להזין סיסמה באופן שגוי. diff --git a/Translations/Language.hu.xml b/Translations/Language.hu.xml index c71f555a..c52a2435 100644 --- a/Translations/Language.hu.xml +++ b/Translations/Language.hu.xml @@ -644,10 +644,13 @@ Rejtett kötet PIM-je Rejtett operációs rendszer PIM értéke A PIM (személyes iterációk szorzója) egy olyan érték, amely a következőképpen szabályozza a fejléc-kulcs származtatása során használt iterációk számát:\n Iterációk = 15000 + (PIM x 1000).\n\nHa üresen marad, vagy 0-ra állítja, a VeraCrypt az alapértelmezett értéket (485) fogja használni, amely magasabb biztonsági szintet biztosít.\n\nHa a jelszó kevesebb, mint 20 karakter, a PIM nem lehet kisebb 485-nél a minimális biztonsági szint fenntartása érdekében.\nHa a jelszó legalább 20 karakter, a PIM tetszőleges értékre állítható.\n\nA 485-nál nagyobb PIM-érték lassabb rendszerindítást eredményez. Egy kisebb (485-nél rövidebb) PIM-érték gyorsabb indítást eredményez, de csökkentheti a biztonságot, ha a jelszó nem elég erős. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. A PIM (személyes iterációk szorzója) egy olyan érték, amely a következőképpen szabályozza a fejléc-kulcs származtatása során használt iterációk számát:\n Iterációk = PIM x 2048.\n\nHa üresen marad, vagy 0-ra állítja, a VeraCrypt az alapértelmezett értéket fogja használni, amely magasabb biztonsági szintet biztosít.\n\nHa a jelszó kevesebb, mint 20 karakter, a PIM nem lehet kisebb 98-nál a minimális biztonsági szint fenntartása érdekében.\nHa a jelszó legalább 20 karakter, a PIM tetszőleges értékre állítható.\n\nA 98-nál nagyobb PIM-érték lassabb rendszerindítást eredményez. Egy kisebb (98-nál rövidebb) PIM-érték gyorsabb indítást eredményez, de csökkentheti a biztonságot, ha a jelszó nem elég erős. Emlékezzen az indítani kívánt rendszer számára A VeraCrypt alapértelmezett értékénél nagyobb PIM értéket választott.\nFelhívjuk figyelmét, hogy ez sokkal lassabb csatlakoztatást/indítást eredményez. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. A személyes iterációk szorzóját (PIM) választotta, amely kisebb, mint az alapértelmezett VeraCrypt érték. Vegye figyelembe, ha a jelszó nem elég erős, az gyengébb biztonsági szintet jelenthet.\n\nMegerősíti, hogy erős jelszót használ? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? A személyes iterációk szorzó (PIM) maximális értéke a rendszer titkosításánál 65535. Kötet PIM \n\nFIGYELEM: Rejtett fájlok találhatók a kulcsfájl keresési útvonalában. Az ilyen rejtett fájlok nem használhatók kulcsfájlokként. Ha kulcsfájlként kell használni őket, távolítsa el a 'Rejtett' attribútumot (kattintson jobb gombbal mindegyikre, válassza a 'Tulajdonságok' elemet, törölje a jelet a 'Rejtett' jelölőnégyzetből, majd kattintson az OK gombra). Megjegyzés: A rejtett fájlok csak akkor jelennek meg, ha a megfelelő opció engedélyezve van (Számítógép > Rendszerezés > 'Mappa és keresési lehetőségek' > Nézet). @@ -1104,6 +1107,7 @@ Ez az algoritmus nem támogatott a TrueCrypt módban. A PIM (személyes iterációk szorzója) nem támogatott a TrueCrypt módban. A megadott PIM használatához a jelszónak legalább 20 karaktert kell tartalmaznia.\nRövidebb jelszavak csak akkor használhatók, ha a PIM 485 vagy nagyobb. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. A rendszerindítás előtti hitelesítési jelszónak legalább 20 karaktert kell tartalmaznia a megadott PIM használatához.\nRövidebb jelszavak csak akkor használhatók, ha a PIM 98 vagy annál nagyobb. A kulcsfájlok jelenleg nem támogatottak a rendszertitkosításnál. Figyelem: A VeraCrypt nem tudta visszaállítani az eredeti billentyűzetkiosztást. Ez azt eredményezheti, hogy helytelenül adja meg a jelszót. diff --git a/Translations/Language.id.xml b/Translations/Language.id.xml index 17ccba53..4bfc4d62 100644 --- a/Translations/Language.id.xml +++ b/Translations/Language.id.xml @@ -644,10 +644,13 @@ PIM Volume Tersembunyi PIM untuk Sistem Operasi Tersembunyi PIM (Personal Iterations Multiplier) adalah nilai yang mengontrol jumlah iterasi yang digunakan oleh derivasi kunci header sebagai berikut: \n Iterasi = 15000 + (PIM x 1000). \n \n Ketika dibiarkan kosong atau diatur ke 0, VeraCrypt akan menggunakan nilai default (485) yang memastikan keamanan tinggi. PIM tidak bisa lebih kecil dari 485 untuk mempertahankan tingkat keamanan minimal.\n Ketika kata sandi adalah 20 karakter atau lebih, PIM dapat diatur ke nilai apa pun. Nilai PIM kecil (kurang dari 485) akan mengarah pada pemasangan yang lebih cepat tetapi dapat mengurangi keamanan jika kata sandi tidak cukup kuat. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) adalah nilai yang mengontrol jumlah iterasi yang digunakan oleh derivasi kunci header sebagai berikut:\n Iterasi = PIM x 2048.\n\n Ketika dibiarkan kosong atau diatur ke 0, VeraCrypt akan menggunakan nilai default yang memastikan keamanan tinggi.\n\nMengapa kata sandi kurang dari 20 karakter, PIM tidak bisa lebih kecil dari 98 untuk mempertahankan tingkat keamanan minimal.\nMeng kata sandinya 20 karakter atau 20 karakter, PIM tidak bisa lebih kecil dari 98 untuk mempertahankan tingkat keamanan minimal. Lebih lanjut, PIM dapat diatur ke nilai apa pun. nilai PIM yang lebih besar dari 98 akan mengarah pada boot yang lebih lambat. Nilai PIM kecil (kurang dari 98) akan mengarah ke boot yang lebih cepat tetapi dapat mengurangi keamanan jika kata sandi tidak cukup kuat. Ingat Nomor ke Sistem Boot Anda telah memilih nilai PIM yang lebih besar dari nilai baku VeraCrypt.\nHarap catat bahwa ini akan menyebabkan mengait/boot yang jauh lebih lambat. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Anda telah memilih Personal Iterations Multiplier (PIM) yang lebih kecil dari nilai VeraCrypt default. Harap dicatat bahwa jika kata sandi Anda tidak cukup kuat, ini dapat menyebabkan keamanan yang lebih lemah. + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Nilai maksimum Personal Iterations Multiplier (PIM) untuk enkripsi sistem adalah 65535. PIM Volume \n\nWARNING: File tersembunyi telah ditemukan di jalur pencarian keyfile. File tersembunyi tersebut tidak dapat digunakan sebagai keyfiles. Jika Anda perlu menggunakannya sebagai keyfiles, hapus atribut 'Tersembunyi' mereka (klik kanan masing-masing dari mereka, pilih 'Properti', hapus centang 'Tersembunyi' dan klik OK). Catatan: File tersembunyi hanya terlihat jika opsi yang sesuai diaktifkan (Komputer > Atur > 'Folder dan opsi pencarian' > View). @@ -1104,6 +1107,7 @@ Algoritma ini tidak didukung untuk mode TrueCrypt. PIM (Personal Iterations Multiplier) tidak didukung untuk mode TrueCrypt. Kata sandi harus berisi 20 atau lebih karakter untuk menggunakan PIM yang ditentukan.\nKata sandi yang lebih pendek hanya dapat dipakai bila PIM bernilai 485 atau lebih. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Kata sandi otentikasi pra-boot harus berisi 20 atau lebih karakter untuk menggunakan KATA SANDI PIM yang ditentukan. Berkas kunci saat ini tidak didukung untuk enkripsi sistem. Peringatan: VeraCrypt tidak dapat memulihkan tata letak papan ketik asli. Hal ini dapat menyebabkan Anda memasukkan kata sandi secara salah. diff --git a/Translations/Language.it.xml b/Translations/Language.it.xml index 6f80a258..062f6419 100644 --- a/Translations/Language.it.xml +++ b/Translations/Language.it.xml @@ -644,10 +644,13 @@ Volume PIM Nascosto PIM per Sistema Operativo Nascosto PIM (Moltiplicatore Iterazioni Personale) è un valore che controlla il numero d'iterazioni usate dalle derivazioni della chiave d'intestazione come segue:\nIterazioni = 15000 + (PIM x 1000).\n\nQuando lasciato vuoto o uguale a 0, VeraCrypt sera il valore default (485) che assicura un'elevata sicurezza.\n\nQuando la password è minore di 20 caratteri, PIM non può essere inferiore di 485 in modo da mantenere un livello minimo di sicurezza.\nQuando la password è pi di 20 caratteri, PIM può essere impostato a qualsiasi valore.\n\nUn valore PIM maggiore di 485 comporterà un mount più lento. Un piccolo valore PIM (inferiore di 485) comporterà un mount più veloce ma potrebbe ridurre la sicurezza se la password non è abbastanza robusta. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. IM (Personal Iterations Multiplier) è un valore che controlla il numero di iterazioni usate dalla derivazione della chiave di intestazione come segue:\nIterazioni = PIM x 2048.\n\nQuando lasciato vuoto o impostato su 0, VeraCrypt utilizzerà un valore predefinito che garantisce un'elevata sicurezza.\n\nQuando la password è inferiore a 20 caratteri, PIM non può essere inferiore a 98 per mantenere un livello di sicurezza minimo.\nQuando la password è di 20 caratteri o più, PIM può essere impostato su qualsiasi valore.\n\nUn valore PIM maggiore di 98 comporterà un avvio più lento. Un piccolo valore PIM (inferiore a 98) porterà ad un avvio più rapido ma può ridurre la sicurezza se la password non è abbastanza forte. Numero ricordato al Boot System Hai scelto un valore PIM che è più grande di quello default di VeraCrypt.\nPrendi nota che questo condurrà ad montaggio/boot più lento. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Tu hai scelto un valore Moltiplicatore Iterazioni Personale (PIM) che è più piccolo del valore default VeraCrypt. Per favore nota che se la tua password non è abbastanza forte, questo potrebbe portare a una sicurezza più debole.\n\nVuoi confermare che userai una password robusta ? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Il valore massimo del Moltiplicatore di Iterazioni Personali (PIM) per la cifratura del sistema è 65535. Volume PIM \n\nATTENZIONE: dei file nascosti sono stati trovati nel percorso di ricerca del file chiave. Tali file nascosti non possono essere usati come file-chiave. Se avete bisogno di usarli come un file-chiave, rimuovere l'attributo 'Nascosto' (tasto destro del mouse su ogni file, selezionare 'Proprietà' e deselezionare l'attributo 'Nascosto', quindi clic su OK). Nota: I file nascosti sono visibili solo se l'opzione che ne permette la visione è abilitata (Computer > Organizza > 'Opzioni cartelle e ricerca' > Visualizzazione). @@ -1104,6 +1107,7 @@ Il volume non è supportato per la modalità TrueCrypt. PIM (Moltiplicatore Iterazioni Personali) non è supportato per la modalità TrueCrypt. La password deve contenere almeno 20 o più caratteri per poter usare il PIM specificato.\nPassword più corte possono essere usate solo se il PIM è 486 o maggiore. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. L'autenticazione pre-avvio La password deve contenere 20 o più caratteri per usare il PIM specificato.\nLe password dello sviluppatore possono essere usate solo se il PIM è 98 o superiore. I file chiave sono attualmente non supportate dalla codifica di sistema. AVVERTENZA: VeraCrypt non può ripristinare la configurazione originale della tastiera. Questo può causare la digitazione errata della password. diff --git a/Translations/Language.ja.xml b/Translations/Language.ja.xml index e1f3dac1..ffa3381c 100644 --- a/Translations/Language.ja.xml +++ b/Translations/Language.ja.xml @@ -644,10 +644,13 @@ 隠しボリューム PIM 隠しオペレーティングシステムの PIM PIM (Personal Iterations Multiplier) は、ヘッダーキーの導出に使用される反復回数を制御する値です。\n 反復回数 = 15000 + (PIM x 1000)\n\n空欄のままにするか 0 に設定すると、VeraCrypt は高いセキュリティを保証するデフォルト値 (485) を使用します。\n\nパスワードが 20 文字未満の場合、最小限のセキュリティレベルを維持するために PIM を 485 未満にすることはできません。\nパスワードが 20 文字以上の場合、PIM は任意の値に設定できます。\n\n485 より大きい PIM 値はマウントを遅くします。小さい PIM 値 (485 未満) はマウントを速くしますが、パスワードが十分に強力でない場合、セキュリティが低下する可能性があります。 + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) は、ヘッダーキーの導出に使用される反復回数を制御する値です。\n 反復回数 = PIM x 2048\n\n空欄のままにするか 0 に設定すると、VeraCrypt は高いセキュリティを保証するデフォルト値を使用します。\n\nパスワードが 20 文字未満の場合、最小限のセキュリティレベルを維持するために PIM を 98 未満にすることはできません。\nパスワードが 20 文字以上の場合、PIM は任意の値に設定できます。\n\n98 より大きい PIM 値は起動を遅くします。小さい PIM 値 (98 未満) は起動を速くしますが、パスワードが十分に強力でない場合、セキュリティが低下する可能性があります。 システムを起動するための数値を忘れないでください VeraCrypt のデフォルト値よりも大きい PIM 値を選択しました。\nこれにより、マウント/起動が大幅に遅くなることに注意してください。 + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. VeraCrypt のデフォルト値よりも小さい PIM (Personal Iterations Multiplier) を選択しました。パスワードが十分に強力でない場合、セキュリティが低下する可能性があります。\n\n強力なパスワードを使用していることを確認しますか? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? システム暗号化の PIM (Personal Iterations Multiplier) の最大値は 65535 です。 ボリューム PIM \n\n警告:指定フォルダのキーファイル探索中に隠しファイルが見つかりました。このような隠しファイルはキーファイルとして使用されません。キーファイルとして使用したい場合は隠し属性を解除してください(該当ファイルを右クリックしてプロパティを開き、隠しファイルのチェックを外して「OK」をクリックします)。注:隠しファイルはフォルダオプションですべてのファイルを表示する設定になっていないと表示されません。 @@ -1104,6 +1107,7 @@ このアルゴリズムはTrueCryptモードではサポートされていません。 PIM(Personal Iterations Multiplier)はTrueCryptモードではサポートされていません。 指定されたPIMを使用するには、パスワードは20文字以上でなければなりません。\n短いパスワードは、PIMが485以上の場合にのみ使用できます。 + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. 起動前認証パスワードは、指定されたPIMを使用するためには20文字以上である必要があります。\n短いパスワードは、PIMが98以上の場合にのみ使用できます。 現在、システムの暗号化でのキーファイル使用には対応していません。 警告:VeraCryptは元のキーボードレイアウトを復元できませんでした。そのためパスワードを正確に入力できないおそれがあります。 diff --git a/Translations/Language.ka.xml b/Translations/Language.ka.xml index 0e4f8260..cfcc4420 100644 --- a/Translations/Language.ka.xml +++ b/Translations/Language.ka.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. გაფრთხილება: VeraCrypt ვერ აღადგენს კლავიატურის ორიგინალ განლაგებას. ამან შესაძლოა პაროლის არასწორი შეტანა გამოიწვიოს. diff --git a/Translations/Language.ko.xml b/Translations/Language.ko.xml index 3513d156..b46b7ce2 100644 --- a/Translations/Language.ko.xml +++ b/Translations/Language.ko.xml @@ -644,10 +644,13 @@ 숨겨진 볼륨 PIM 숨겨진 운영 체제용 PIM PIM(Personal Iterations Multiplier)은 헤더 키 파생에 사용되는 반복 횟수를 제어하는 값입니다.\n 반복 = 15000 + (PIM x 1000).\n\n비어 두거나 0으로 설정된 경우 VeraCrypt는 높은 보안을 보장하는 기본값(485)을 사용합니다.\n\n암호가 20자 미만인 경우 PIM은 최소 보안 수준을 유지하기 위해 485자 미만이면 안 됩니다.\n암호가 20자 이상인 경우 PIM을 임의의 값으로 설정할 수 있습니다.\n\nPIM 값이 485보다 크면 마운트 속도가 느려집니다. PIM 값이 작으면(485개 미만) 마운트 속도가 빨라지지만 암호의 강도가 충분하지 않으면 보안을 줄일 수 있습니다. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM(Personal Iterations Multiplier)은 헤더 키 파생에 사용되는 반복 횟수를 제어하는 값입니다.\n 반복 = PIM x 2048\n\n비어 두거나 0으로 설정된 경우 VeraCrypt는 높은 보안을 보장하는 기본값을 사용합니다.\n\n암호가 20자 미만인 경우 PIM은 최소 보안 수준을 유지하기 위해 98자 미만이면 안 됩니다.\n암호가 20자 이상인 경우 PIM을 임의의 값으로 설정할 수 있습니다.\n\nPIM 값이 98보다 크면 부팅 속도가 느려집니다. PIM 값이 작으면 부팅 속도가 빨라지지만 암호가 충분하지 않으면 보안을 줄일 수 있습니다. 부팅 시스템 번호 기억 VeraCrypt 기본값보다 큰 PIM 값을 선택했습니다.\n이렇게하면 마운트/부팅 속도가 훨씬 느려집니다. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. 기본 VeraCrypt 값보다 작은 PIM (Personal Iterations Multiplier)을 선택했습니다. 비밀번호가 충분하지 않으면 보안이 취약해질 수 있습니다.\n\n강력한 비밀번호를 사용하고 있는지 확인 하시겠습니까? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? 시스템 암호화의 개인 반복 곱셈기 (PIM) 최대 값은 65535입니다. 볼륨 PIM \n\n경고: 숨김 파일이 키 파일 검색 경로에서 발견되었습니다. 이러한 숨김 파일은 키 파일로 사용할 수 없습니다. 키 파일로 사용해야하는 경우 '숨김'속성을 제거하십시오 (각 속성을 마우스 오른쪽 단추로 클릭하고 '속성'을 선택하고 '숨김'을 선택 취소하고 확인을 클릭하십시오). 참고: 숨김 파일은 해당 옵션이 활성화 된 경우에만 표시됩니다(컴퓨터> 구성> '폴더 및 검색 옵션'>보기). @@ -1104,6 +1107,7 @@ 이 알고리즘은 TrueCrypt 모드에서는 지원되지 않습니다. TrueCrypt 모드에서는 PIM(개인 반복 다중 경로)이 지원되지 않습니다. 지정된 PIM을 사용하려면 암호가 20자 이상이어야 합니다.\nSorter 암호는 PIM이 485 이상인 경우에만 사용할 수 있습니다. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. 지정된 PIM을 사용하려면 사전 부트 인증 암호가 20자 이상이어야 합니다.\nSorter 암호는 PIM이 98 이상인 경우에만 사용할 수 있습니다. 키 파일은 현재 시스템 암호화에 지원되지 않습니다. 경고: VeraCrypt가 원래 키보드 레이아웃을 복원할 수 없습니다. 이로 인해 암호를 잘못 입력할 수 있습니다. diff --git a/Translations/Language.lv.xml b/Translations/Language.lv.xml index 85e8768c..aa000ce7 100644 --- a/Translations/Language.lv.xml +++ b/Translations/Language.lv.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/Translations/Language.my.xml b/Translations/Language.my.xml index c421788c..0c4e5c7d 100644 --- a/Translations/Language.my.xml +++ b/Translations/Language.my.xml @@ -646,10 +646,13 @@ လျှို့ဝှက် Volume PIM လျှို့ဝှက် OS အတွက် PIM PIM (တစ်ကိုယ်ရေသုံး ထပ်တလဲလဲပြုလုပ်ခြင်းများ မြှောက်ကိန်း) သည် ခေါင်းစဉ် စကားဝှက်သော့ တစ်ဆင့်ရယူခြင်းက အသုံးပြုသည့် ထပ်တလဲလဲပြုလုပ်ခြင်းများ အရေအတွက်ကို အောက်ပါအတိုင်း ထိန်းချုပ်သည့် တန်ဖိုးတစ်ခု ဖြစ်သည် -\n ထပ်တလဲလဲပြုလုပ်ခြင်းများ = 15000 + (PIM x 1000)။\n\nအလွတ်အတိုင်း ချန်ထားလျှင် သို့မဟုတ် 0 အဖြစ် သတ်မှတ်ထားလျှင် VeraCrypt သည် လုံခြုံရေးမြင့်ကြောင်း သေချာစေသည့် နဂိုမူလတန်ဖိုး (၄၈၅) ကို အသုံးပြုပါမည်။\n\nစကားဝှက်သည် စာလုံး ၂၀ အောက်ရှိသောအခါ အနည်းဆုံးရှိသင့်သော လုံခြုံရေးအဆင့်ကို ထိန်းသိမ်းရန်အတွက် PIM သည် ၄၈၅ အောက် မငယ်ရပါ။\nစကားဝှက်သည် စာလုံး ၂၀ နှင့်အထက် ရှိသောအခါ PIM ကို မည်သည့်တန်ဖိုးမဆို သတ်မှတ်နိုင်သည်။\n\nPIM တန်ဖိုးသည် ၄၈၅ ထက်ကြီးလျှင် အစပျိုးရာတွင် နှေးပါမည်။ PIM တန်ဖိုးငယ်လျှင် (၄၈၅ အောက်နည်းလျှင်) အစပျိုးရာတွင် မြန်သော်လည်း စကားဝှက်ခိုင်မာမှုနည်းပါက လုံခြုံမှု လျော့နည်းနိုင်သည်။ + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (တစ်ကိုယ်ရေသုံး ထပ်တလဲလဲပြုလုပ်ခြင်းများ မြှောက်ကိန်း) သည် ခေါင်းစဉ် စကားဝှက်သော့ တစ်ဆင့်ရယူခြင်းက အသုံးပြုသည့် ထပ်တလဲလဲပြုလုပ်ခြင်းများ အရေအတွက်ကို အောက်ပါအတိုင်း ထိန်းချုပ်သည့် တန်ဖိုးတစ်ခု ဖြစ်သည် -\n ထပ်တလဲလဲပြုလုပ်ခြင်းများ = PIM x 2048။\n\nအလွတ်အတိုင်း ချန်ထားလျှင် သို့မဟုတ် 0 အဖြစ် သတ်မှတ်ထားလျှင် VeraCrypt သည် လုံခြုံရေးမြင့်ကြောင်း သေချာစေသည့် နဂိုမူလတန်ဖိုးကို အသုံးပြုပါမည်။\n\nစကားဝှက်သည် စာလုံး ၂၀ အောက်ရှိသောအခါ အနည်းဆုံးရှိသင့်သော လုံခြုံရေးအဆင့်ကို ထိန်းသိမ်းရန်အတွက် PIM သည် ၉၈ အောက် မငယ်ရပါ။\nစကားဝှက်သည် စာလုံး ၂၀ နှင့်အထက် ရှိသောအခါ PIM ကို မည်သည့်တန်ဖိုးမဆို သတ်မှတ်နိုင်သည်။\n\nPIM တန်ဖိုးသည် ၉၈ ထက်ကြီးလျှင် စတင်အလုပ်လုပ်ရာတွင်နှေးပါမည်။ PIM တန်ဖိုးငယ်လျှင် (၉၈ အောက်နည်းလျှင်) စတင်အလုပ်လုပ်ရာတွင်မြန်သော်လည်း စကားဝှက်ခိုင်မာမှုနည်းပါက လုံခြုံမှု လျော့နည်းနိုင်သည်။ စနစ် စတင်အလုပ်လုပ်ရန် နံပါတ်ကို မှတ်ထားပါ သင်သည် VeraCrypt နဂိုမူလတန်ဖိုးထက်ကြီးသော PIM တန်ဖိုးကို ရွေးထားသည်။\nယင်းကြောင့် အစပျိုးခြင်း/စတင်အလုပ်လုပ်ခြင်း များစွာပိုနှေးနိုင်ကြောင်း ကျေးဇူးပြု၍ သတိပြုပါ။ + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. သင်သည် နဂိုမူလ VeraCrypt တန်ဖိုးအောက်ငယ်သော တစ်ကိုယ်ရေသုံး ထပ်တလဲလဲပြုလုပ်ခြင်းများ မြှောက်ကိန်း (PIM) ကို ရွေးချယ်ထားသည်။ သင့်စကားဝှက်သည် လုံလောက်စွာမခိုင်မာပါက လုံခြုံရေး ပိုအားနည်းနိုင်ကြောင်း ကျေးဇူးပြု၍ သတိပြုပါ။\n\nသင်သည် ခိုင်မာသော စကားဝှက်ကို အသုံးပြုနေကြောင်း အတည်ပြုပါသလား။ + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? စနစ် ကုဒ်ဖြင့်ပြောင်းလဲမှုအတွက် တစ်ကိုယ်ရေ ထပ်တလဲလဲပြုလုပ်ခြင်းများ မြှောက်ကိန်း (PIM) အများဆုံးတန်ဖိုးမှာ ၆၅၅၃၅ ဖြစ်သည်။ Volume PIM \n\nသတိပေးချက် - လျှို့ဝှက် ဖိုင်(များ)ကို ကီးဖိုင် ရှာဖွေရေး လမ်းကြောင်း၌ တွေ့ရှိရသည်။ ယင်းကဲ့သို့ လျှို့ဝှက် ဖိုင်များကို ကီးဖိုင်အဖြစ် သုံးစွဲ၍ မရပါ။ ၄င်းတို့ကို ကီးဖိုင်များ အဖြစ် သုံးစွဲလိုပါက၊ ၄င်းတို့၏ 'Hidden' သတ်မှတ်ချက်ကို ဖယ်ရှားလိုက်ပါ (၄င်းတို့ကို ညာဖက် နှိပ်ပါ၊ 'Properties' ကို ရွေး၊ 'Hidden' အမှန်ခြစ်ကို ​ဖြုတ်ပြီး OK နှိပ်လိုက်ပါ)။ မှတ်ချက် - လျှို့ဝှက် ဖိုင်များသည် အကယ်၍ သက်ဆိုင်ရာ ရွေးစရာ (Computer > Organize > 'Folder and search options' > View)ကို ဖွင့်ထားမှသာ မြင်နိုင်သည်။ @@ -1106,6 +1109,7 @@ ဤအယ်လဂိုရီသမ်ကို TrueCrypt မုဒ်အတွက် ပံ့ပိုးမထားပါ။ PIM (တစ်ကိုယ်ရေသုံး ထပ်တလဲလဲပြုခြင်းများ မြှောက်ကိန်း) ကို TrueCrypt မုဒ်အတွက် ပံ့ပိုးမထားပါ။ ဖော်ပြထားသော PIM ကို အသုံးပြုရန်အတွက် စကားဝှက်သည် စာလုံး ၂၀ နှင့်အထက် ရှိရပါမည်။\nPIM သည် ၄၈၅ နှင့်အထက် ရှိမှသာ ပိုတိုသော စကားဝှက်များကို အသုံးပြုနိုင်ပါသည်။ + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. ဖော်ပြထားသော PIM ကို အသုံးပြုရန်အတွက် စတင်အလုပ်မလုပ်မီ စစ်မှန်ကြောင်းသက်သေပြသည့် စကားဝှက်သည် စာလုံး ၂၀ နှင့်အထက် ရှိရပါမည်။\nPIM သည် ၉၈ နှင့်အထက် ရှိမှသာ ပိုတိုသော စကားဝှက်များကို အသုံးပြုနိုင်ပါသည်။ ကီးဖိုင်များသည် လောလောဆယ် ကွန်ပျူတာစနစ် စာဝှက်ခြင်းအတွက် ထောက်ပံ့မပေးပါ။​ သတိပေးချက် - VeraCrypt သည် မူရင်း ​ကီးဘုတ် လေးအောက်ကို နဂိုအတိုင်း ပြန်မထားနိုင်ပါ။ ဤအချက်ကြောင့် စကားဝှက်ကို မှားယွင်းစွာ ရေးထည့်မိနိုင်သည်။ diff --git a/Translations/Language.nb.xml b/Translations/Language.nb.xml index fb5eed36..a193cd34 100644 --- a/Translations/Language.nb.xml +++ b/Translations/Language.nb.xml @@ -644,10 +644,13 @@ PIM til Skjult Volum PIM for Skjult Operativsystem PIM (Personal Iterations Multiplier) er en verdi som styrer antall iterasjoner som brukes av header nøkkel avledningen som følger:\n Iterasjoner = 15000 + (PIM x 1000).\n\nNår den er tom eller satt til 0, vil VeraCrypt bruke en standardverdi (485) som sikrer høy sikkerhet.\n\nNår passordet er mindre enn 20 tegn, kan ikke PIM være mindre enn 485 for å opprettholde minimalsikkerhetsnivå.\nNår passordet er 20 tegn eller mer, kan PIM settes til hvilken som helst verdi.\n\nEn PIM-verdi større enn 485 vil føre til langsommere montering. En liten PIM-verdi (mindre enn 485) vil føre til raskere montering, men det kan redusere sikkerheten hvis passordet ikke er sterkt nok. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) er en verdi som styrer antall iterasjoner som brukes av header nøkkel avledningen som følger:\n Iterasjoner = PIM x 2048.\n\nNår den er tom eller satt til 0, vil VeraCrypt bruke en standardverdi som sikrer høy sikkerhet.\n\nNår passordet er mindre enn 20 tegn, kan ikke PIM være mindre enn 98 for å opprettholde minimalsikkerhetsnivå.\nNår passordet er 20 tegn eller mer, kan PIM settes til hvilken som helst verdi.\n\nEn PIM-verdi større enn 98 vil føre til langsommere oppstart. En liten PIM-verdi (mindre enn 98) vil føre til raskere oppstart, men det kan redusere sikkerheten hvis passordet ikke er sterkt nok. Husk nummeret til å starte systemet Du har valgt en PIM-verdi som er større enn VeraCrypt standardverdi.\nVennligst merk at dette vil føre til mye langsommere montering/oppstart. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Du har valgt en Personlig Iterasjon Multiplier (PIM) som er mindre enn den standard VeraCrypt verdien. Vennligst merk at hvis passordet ditt ikke er sterkt nok, kan dette føre til redusert sikkerhet.\n\nBekrefter du at du bruker et sterkt passord? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Maksimalverdi for Personlig Iterasjon Multiplier (PIM) for systemkryptering er 65535. Volum PIM \n\nADVARSEL: Skjulte filer har blitt funnet i en nøkkelfilsøkesti. Slike skjulte filer kan ikke brukes som nøkkelfiler. Hvis du trenger å bruke dem som nøkkelfiler, fjern deres 'Skjult'-attributt (høyreklikk hver av dem, velg 'Egenskaper', fjern 'Skjult' og klikk OK). Merk: Skjulte filer er synlige bare hvis det tilsvarende alternativet er aktivert (Datamaskin > Organiser > 'Mappe- og søkealternativer' > Visning). @@ -1104,6 +1107,7 @@ Denne algoritmen støttes ikke for TrueCrypt-modus. PIM (Personlig Iterations Multiplier) støttes ikke for TrueCrypt-modus. Passordet må inneholde 20 eller flere tegn for å bruke den oppgitte PIM.\nKortere passord kan kun brukes hvis PIM er 485 eller høyere. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot autentiseringspassordet må inneholde 20 eller flere tegn for å bruke den angitte PIM.\nKortere passord kan kun brukes hvis PIM er 98 eller høyere. Nøkkelfiler støttes foreløpig ikke for systemkryptering. Advarsel: VeraCrypt kunne ikke gjenopprette den opprinnelige tastaturoppsettet. Dette kan føre til at du skriver inn passordet feil. diff --git a/Translations/Language.nl.xml b/Translations/Language.nl.xml index 672e726e..b6591264 100644 --- a/Translations/Language.nl.xml +++ b/Translations/Language.nl.xml @@ -644,10 +644,13 @@ Verborgen volume PIM PIM voor het verborgen besturingssysteem PIM (Personal Iterations Multiplier) is een waarde die het aantal iteraties dat door de header key-afleiding wordt gebruikt als volgt bepaalt:\n Iteraties = 15000 + (PIM x 1000).\n\nIndien leeg of op 0 gezet, zal VeraCrypt een standaard waarde (485) gebruiken die een hoge veiligheid garandeert.\n\nWanneer het wachtwoord minder dan 20 tekens lang is, kan PIM niet kleiner zijn dan 485 om een minimaal beveiligingsniveau te handhaven.\nWanneer het wachtwoord 20 tekens of meer bedraagt, kan PIM op elke waarde worden ingesteld.\n\nEen PIM-waarde groter dan 485 leidt tot een tragere koppeling. Een kleine PIM-waarde (minder dan 485) zal leiden tot een snellere koppeling, maar het kan de veiligheid verminderen als het wachtwoord niet sterk genoeg is. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is een waarde die het aantal iteraties dat door de header-sleutel-afleiding wordt gebruikt als volgt bepaalt:\n Iteraties = PIM x 2048.\n\nIndien leeg gelaten of op 0 gezet, zal VeraCrypt een standaard waarde gebruiken die een hoge veiligheid garandeert.\n\nWanneer het wachtwoord minder dan 20 tekens lang is, kan PIM niet kleiner zijn dan 98 om een minimaal beveiligingsniveau te handhaven.\nWanneer het wachtwoord 20 tekens of meer bedraagt, kan PIM op elke waarde worden ingesteld.\n\nEen PIM-waarde groter dan 98 leidt tot een tragere start. Een kleine PIM-waarde (minder dan 98) zal leiden tot een snellere start, maar het kan de veiligheid verminderen als het wachtwoord niet sterk genoeg is. Onthoud het nummer om het systeem op te starten U hebt een PIM-waarde gekozen die groter is dan de standaardwaarde van VeraCrypt.\nMerk op dat dit zal leiden tot een veel tragere koppeling/opstart. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. U heeft gekozen voor een Personal Iterations Multiplier (PIM) die kleiner is dan de standaard VeraCrypt-waarde. Houd er rekening mee dat als uw wachtwoord niet sterk genoeg is, dit kan leiden tot een zwakkere beveiliging.\n\nBevestigt u dat u een sterk wachtwoord gebruikt? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? De maximale waarde voor Personal Iterations Multiplier (PIM) voor systeemversleuteling is 65535. PIM volume \n\nWAARSCHUWING: verborgen bestand(en) gevonden in een zoekpad voor sleutelbestanden. Zulke verborgen bestanden kunnen niet gebruikt worden als sleutelbestanden. Als u ze als sleutelbestanden wilt gebruiken, verwijder dan hun eigenschap 'verborgen' (klik met de rechtermuisknop op elk bestand, selecteer 'eigenschappen', vink 'verborgen' uit en klik op OK). Opmerking: verborgen bestanden zijn alleen zichtbaar als de overeenkomstige optie is ingeschakeld (computer > organiseren > 'map- en zoekopties' > beeld). @@ -1104,6 +1107,7 @@ Dit algoritme wordt niet ondersteund voor de TrueCrypt-modus. PIM (Personal Iterations Multiplier) wordt niet ondersteund voor de TrueCrypt-modus. Het wachtwoord moet 20 of meer tekens bevatten om de opgegeven PIM te kunnen gebruiken.\nKortere wachtwoorden kunnen alleen worden gebruikt als de PIM 485 of hoger is. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Het pre-boot-authenticatiewachtwoord moet 20 of meer tekens bevatten om de opgegeven PIM te kunnen gebruiken.\nKortere wachtwoorden kunnen alleen worden gebruikt als de PIM 98 of meer tekens bevat. Sleutelbestanden worden momenteel niet ondersteund voor systeemversleuteling. Waarschuwing: VeraCrypt kon de oorspronkelijke toetsenbordindeling niet herstellen. Dit kan ertoe leiden dat u een verkeerd wachtwoord invoert. diff --git a/Translations/Language.nn.xml b/Translations/Language.nn.xml index d881bb39..b5c1af13 100644 --- a/Translations/Language.nn.xml +++ b/Translations/Language.nn.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/Translations/Language.pl.xml b/Translations/Language.pl.xml index 4a8712a4..ba9616f4 100644 --- a/Translations/Language.pl.xml +++ b/Translations/Language.pl.xml @@ -644,10 +644,13 @@ PIM ukrytego wolumenu PIM ukrytego systemu operacyjnego PIM (Personal Iterations Multiplier), czyli mnożnik osobistych iteracji, to wartość, która następująco kontroluje liczbę iteracji używanych przez derywację klucza nagłówka:\n Iteracje = 15000 + (PIM x 1000).\n\nGdy pozostawione puste lub ustawione na 0, VeraCrypt użyje wartości domyślnej (485), która zapewnia wysokie bezpieczeństwo.\nGdy hasło jest krótsze niż 20 znaków, PIM nie może być mniejszy niż 485, aby zapewnić minimalny poziom bezpieczeństwa.\nGdy hasło ma 20 znaków lub więcej, PIM może mieć dowolną wartość.\nWartość PIM większa niż 485 spowoduje wolniejsze podłączanie, mała wartość PIM (mniejsza niż 485) spowoduje szybsze podłączanie, ale może zmniejszyć poziom bezpieczeństwa, gdy hasło nie jest wystarczająco silne. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier), czyli mnożnik osobistych iteracji, to wartość, która następująco kontroluje liczbę iteracji używanych przez derywację klucza nagłówka:\n Iteracje = PIM x 2048.\n\nGdy pozostawione puste lub ustawione na 0, VeraCrypt użyje wartości domyślnej, która zapewnia wysokie bezpieczeństwo.\nGdy hasło jest krótsze niż 20 znaków, PIM nie może być mniejszy niż 98, aby zapewnić minimalny poziom bezpieczeństwa.\nGdy hasło ma 20 znaków lub więcej, PIM może mieć dowolną wartość.\nWartość PIM większa niż 98 spowoduje wolniejsze podłączanie, mała wartość PIM (mniejsza niż 98) spowoduje szybsze podłączanie, ale może zmniejszyć poziom bezpieczeństwa, gdy hasło nie jest wystarczająco silne. Zapamiętaj liczbę do uruchomienia systemu Wybrałeś wartość PIM, która jest większa niż standardowa wartość VeraCrypt.\nProszę zauważyć, że doprowadzi to do znacznie wolniejszego podłączania lub uruchamiania. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Wybrałeś PIM, który jest mniejszy niż podstawowa wartość VeraCrypt. Proszę zauważyć, że jeżeli twoje hasło nie jest wystarczająco mocne, moze to doprowadzić do osłabienia bezpieczeństwa.\n\nCzy potwierdzasz użycie silnego hasła? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Maksymalna wartość PIM dla szyfrowania systemu wynosi 65535. PIM wolumenu \n\nOSTRZEŻENIE: Odnaleziono pliki ukryte na ścieżce wyszukiwaniu plików-kluczy. Takie pliki nie moga zostać użyte jako pliki-klucze. Jeśli potrzebujesz ich jako plików-kluczy, usuń atrybut 'ukryty' (kliknij prawym przyciskiem myszki na każdym z nich, wybierz 'Właściwości', odznacz 'Ukryty' i wciśnij OK). Sugestia: Pliki ukryte widoczne są tylko jeśli włączona jest odpowiednia opcja (Komputer > Organizuj > 'Opcje folderów i wyszukiwania' > Widok). @@ -1104,6 +1107,7 @@ Ten algorytm nie jest obsługiwany w trybie TrueCrypt. PIM nie obsługuje trybu TrueCrypt. Hasło musi zawierać przynajmniej 20 albo więcej znaków, aby móc używać określonego PIM.\nKrótsze hasła mogą być używane tylko wtedy, gdy PIM wynosi 485 albo więcej. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Hasło uwierzytelniania przed uruchomieniem musi zawierać 20 albo więcej znaków, aby móc używać określonego PIM.\nKrótsze hasła mogą być używane tylko wtedy, gdy PIM wynosi 98 albo więcej. Pliki-klucze nie są obecnie obsługiwane/wspierane do szyfrowania systemu. Ostrzeżenie: Program VeraCrypt nie mógł odtworzyć oryginalnych ustawień klawiatury. To może spowodować błędne wprowadzenie hasła. diff --git a/Translations/Language.pt-br.xml b/Translations/Language.pt-br.xml index 2621145e..e335b739 100644 --- a/Translations/Language.pt-br.xml +++ b/Translations/Language.pt-br.xml @@ -644,10 +644,13 @@ PIM do Volume Oculto PIM para o Sistema Operacional Oculto PIM (Multiplicador de Iterações Pessoais) é um valor que controla o número de iterações usadas na derivação da chave do cabeçalho, conforme a fórmula:\n Iterações = 15000 + (PIM x 1000).\n\nQuando deixado vazio ou definido como 0, o VeraCrypt usará um valor padrão (485) que garante alta segurança.\n\nSe a senha tiver menos de 20 caracteres, o PIM não pode ser menor que 485 para manter o nível mínimo de segurança.\nSe a senha tiver 20 caracteres ou mais, o PIM pode ser definido para qualquer valor.\n\nUm PIM maior que 485 resultará em montagem mais lenta. Um PIM menor que 485 resultará em montagem mais rápida, mas poderá reduzir a segurança caso a senha não seja suficientemente forte. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Multiplicador de Iterações Pessoais) é um valor que controla o número de iterações usadas na derivação da chave do cabeçalho, conforme a fórmula:\n Iterações = PIM x 2048.\n\nQuando deixado vazio ou definido como 0, o VeraCrypt usará um valor padrão que garante alta segurança.\n\nSe a senha tiver menos de 20 caracteres, o PIM não pode ser menor que 98 para manter o nível mínimo de segurança.\nSe a senha tiver 20 caracteres ou mais, o PIM pode ser definido para qualquer valor.\n\nUm PIM maior que 98 resultará em inicialização mais lenta. Um PIM menor que 98 resultará em inicialização mais rápida, mas poderá reduzir a segurança caso a senha não seja suficientemente forte. Lembre-se do Número para Inicializar o Sistema Você escolheu um valor de PIM maior que o valor padrão do VeraCrypt.\nObserve que isso resultará em montagem ou inicialização significativamente mais lenta. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Você escolheu um Multiplicador de Iterações Pessoais (PIM) menor que o valor padrão do VeraCrypt. Observe que, se sua senha não for suficientemente forte, isso poderá reduzir a segurança.\n\nVocê confirma que está usando uma senha forte? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? O valor máximo do Multiplicador de Iterações Pessoais (PIM) para criptografia de sistema é 65535. Volume PIM \n\nAVISO: Arquivos ocultos foram encontrados em um caminho de pesquisa de arquivos de chave. Arquivos ocultos não podem ser usados como arquivo de chave. Se precisar usá-los como arquivo de chave, remova o atributo 'Oculto' (clique com o botão direito em cada arquivo, selecione 'Propriedades', desmarque 'Oculto' e clique em OK). Nota: Arquivos ocultos são visíveis apenas se a opção correspondente estiver ativada (Computador > Organizar > 'Opções de pasta e pesquisa' > Exibir). @@ -1104,6 +1107,7 @@ Este algoritmo não é suportado no modo TrueCrypt. PIM (Multiplicador Pessoal de Iterações) não é compatível com o modo TrueCrypt. A senha deve conter 20 ou mais caracteres para usar o PIM especificado.\nSenhas mais curtas só podem ser usadas se o PIM for 485 ou superior. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. A senha de autenticação pré-inicialização deve conter 20 ou mais caracteres para usar o PIM especificado.\nSenhas mais curtas só podem ser usadas se o PIM for 98 ou superior. Arquivos-chave atualmente não são suportados para criptografia do sistema. Aviso: O VeraCrypt não conseguiu restaurar o layout original do teclado. Isto poderá fazê-lo digitar a senha incorretamente. diff --git a/Translations/Language.ro.xml b/Translations/Language.ro.xml index 36e8d6d8..075099e6 100644 --- a/Translations/Language.ro.xml +++ b/Translations/Language.ro.xml @@ -644,10 +644,13 @@ MIP volum ascuns MIP pentru sistemul de operare ascuns MIP (Multiplicator Iterații Personal) este o valoare care stabilește numărul de iterații folosit de către cheia de derivare a antetului după cum urmează:\n Iterații = 15000 + (MIP x 1000).\n\nDacă e lăsat gol sau cu valoarea 0, VeraCrypt va utiliza valoarea implicită (485) ce asigură o securitate sporită.\n\nDacă parola are mai puțin de 20 de caractere, valoarea MIP nu poate fi mai mică de 485 pentru a asigura un nivel de securitate minim.\nDacă parola are 20 de caractere sau mai multe, MIP poate fi setat cu orice valoare.\n\nO valoare a MIP mai mare de 485 va determina o durată de montare mai îndelungată. O valoare mai mică a MIP (mai puțin de 485) va duce la o montare mai rapidă dar poate reduce securitatea dacă parola nu este suficient de puternică. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. MIP (Multiplicator Iterații Personal) este o valoare care stabilește numărul de iterații folosit de către cheia de derivare a antetului după cum urmează:\n Iterații = MIP x 2048.\n\nDacă e lăsat gol sau cu valoarea 0, VeraCrypt va utiliza valoarea implicită (98) ce asigură o securitate sporită.\n\nDacă parola are mai puțin de 20 de caractere, valoarea MIP nu poate fi mai mică de 98 pentru a asigura un nivel de securitate minim.\nDacă parola are 20 de caractere sau mai multe, MIP poate fi setat cu orice valoare.\n\nO valoare a MIP mai mare de 98 va determina o întârziere mai îndelungată a pornirii sistemului. O valoare mai mică a MIP (mai puțin de 98) va duce la o pornire mai rapidă dar poate reduce securitatea dacă parola nu este suficient de puternică. Rețineți numărul pentru a porni sistemul Ați ales o valoare a MIP mai mare decât valoarea implicită a VeraCrypt.\nAceasta va determina o pornire mult mai înceată a sistemului sau montare a volumelor. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Ați ales o valoare a MIP care este mai mică decât valoarea implicită a VeraCrypt. Dacă parola nu este suficient de puternică, aceasta ar putea determina o securitate mai slabă.\n\nConfirmați că utilizați o parolă puternică? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Valoarea maximă a MIP (Multiplicator Iterații Personal) pentru criptarea sistemului este 65535. MIP volum \n\nATENȚIE: A fost găsit unul sau mai multe fișiere ascunse în calea de căutare a fișierului cheie. Astfel de fișiere ascunse nu pot fi folosite ca fișiere-cheie. Dacă doriți să le folosiți ca fișiere-cheie, ștergeți-le atributul „Ascuns” (apăsați cu clic dreapta pe fiecare din ele, selectați „Properties”, debifați „Hidden” și apoi apăsați pe «OK»). Notă: Fișierele ascunse sunt vizibile numai dacă opțiunea corespunzătoare este activată („Computer” > „Organize” > „Folder and search options” > „View”). @@ -1104,6 +1107,7 @@ Acest algoritm nu este suportat pentru modul TrueCrypt. MIP (Multiplicator Iterații Personal) nu este suportat în modul TrueCrypt. Parola trebuie să conțină 20 sau mai multe caractere pentru a putea folosi valoarea MIP specificată.\nParolele mai scurte pot fi folosite doar dacă MIP este 485 sau mai mare. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Parola de autentificare la pornire trebuie să conțină 20 sau mai multe caractere pentru a putea folosi valoarea MIP specificată.\nParolele mai scurte pot fi folosite doar dacă MIP este 98 sau mai mare. Fișierele-cheie nu sunt momentan suportate pentru criptarea partiției sistem. Avertizare: VeraCrypt nu a putut restaura formatul original al tastaturii. Aceasta au putea determina introducerea greșită a parolei. diff --git a/Translations/Language.ru.xml b/Translations/Language.ru.xml index 282fb88f..d86dba66 100644 --- a/Translations/Language.ru.xml +++ b/Translations/Language.ru.xml @@ -644,10 +644,13 @@ PIM скрытого тома PIM скрытой ОС PIM (персональный множитель итераций) - это значение, управляющее количеством итераций для формирования ключа заголовка.\n Итерации = 15000 + (PIM x 1000).\n\nЕсли пусто или равно нулю, то используется стандартное значение (485), обеспечивающее высокую надёжность.\n\nЕсли пароль короче 20 символов, PIM не может быть меньше 485, чтобы гарантировать минимальный уровень защиты.\nДля пароля из 20 и более символов PIM может быть любым.\n\nPIM более 485 замедляет монтирование. При меньшем PIM (до 485) монтирование ускоряется, но снижается надёжность, если пароль недостаточно сложный. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (персональный множитель итераций) - это значение, управляющее количеством итераций для формирования ключа заголовка.\n Итерации = PIM x 2048.\n\nЕсли пусто или равно нулю, будет использоваться стандартное значение, обеспечивающее высокую надёжность.\n\nЕсли пароль короче 20 символов, PIM не может быть меньше 98, чтобы гарантировать минимальный уровень защиты.\nДля пароля из 20 и более символов PIM может быть любым.\n\nPIM более 98 замедляет загрузку. При меньшем PIM (до 98) загрузка ускоряется, но снижается надёжность, если пароль недостаточно сложный. Запомните число для загрузки системы Выбранный PIM - больше стандартного.\nЭто значительно замедлит монтирование/загрузку. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Выбранный PIM - меньше стандартного. Если ваш пароль недостаточно надёжен, это может ослабить защиту.\n\nПодтверждаете, что пароль надёжный? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Максимальный PIM для шифрования системы - 65 535. PIM тома \n\nВнимание! В пути поиска ключевых файлов обнаружены скрытые файлы. Скрытые файлы не могут быть ключевыми. Если вы хотите использовать их как ключевые, снимите у них атрибут "Скрытый" (на каждом из них щёлкните правой кнопкой мыши, выберите "Свойства", снимите флажок "Скрытый" и нажмите OK). Учтите, что скрытые файлы видны только при соответствующей системной настройке (Компьютер > Сервис > Параметры папок (Свойства папки) > Вид). @@ -1104,6 +1107,7 @@ Этот алгоритм не поддерживается в режиме TrueCrypt. PIM (персональный множитель итераций) не поддерживается в режиме TrueCrypt. Для использования указанного PIM пароль должен быть не короче 20 символов.\nБолее короткие пароли можно применять только с PIM не менее 485. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Для использования указанного PIM пароль предзагрузочной аутентификации должен быть не короче 20 символов.\nБолее короткие пароли можно использовать только с PIM не менее 98. Сейчас ключевые файлы для шифрования системы не поддерживаются. ВНИМАНИЕ: VeraCrypt не удалось восстановить первоначальную раскладку клавиатуры. Это может привести к неправильному вводу пароля. diff --git a/Translations/Language.sk.xml b/Translations/Language.sk.xml index b2f2a32c..f027e342 100644 --- a/Translations/Language.sk.xml +++ b/Translations/Language.sk.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/Translations/Language.sl.xml b/Translations/Language.sl.xml index ba5664f9..d29f4735 100644 --- a/Translations/Language.sl.xml +++ b/Translations/Language.sl.xml @@ -644,10 +644,13 @@ PIM skritega nosilca PIM skritega operacijskega sistema PIM (Personal Iterations Multiplier) je vrednost, ki nadzoruje število iteracij,ki jih uporabljajo izpeljave ključa glave, kot sledi:\n Iteracij = 15000 + (PIM x 1000).\n\nČe je leva stran prazna ali 0, bo VeraCrypt uporabil privzeto vrednost (485), ki zagotavlja visoko varnost.\n\nČe ima geslo manj kot 20 znakov, PIM ne more biti manjši od 485, da imamo zagotovljeno minimalno varnost.\nČe ima geslo 20 ali več znakov, lahko PIM nastavimo na poljubno vrednost.\n\nVrednost PIM večja od 485 bo upočasnila proklop. Manjša vrednost PIM (manj od 485) pospeši priklop a zmanjša varnost, če geslo ni dovolj močno. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) je vrednost, ki nadzira število iteracij, ki jih uporablja izpeljava ključa glave, kot sledi:\n Iteracij = PIM x 2048.\n\nČe ostane prazno ali nastavljeno na 0, bo VeraCrypt uporabil privzeto vrednost, ki zagotavlja visoko varnost.\n\nČe je geslo krajše od 20 znakov, PIM ne sme biti manjši od 98, da se ohrani minimalna raven varnosti.\nČe ima geslo 20 znakov ali več, lahko PIM nastaviš na poljubno vrednost.\n\nVrednost PIM, večja od 98, povzroči počasnejši zagon. Majhna vrednost PIM (manj kot 98) bo povzročila hitrejši zagon, vendar lahko zmanjša varnost, če geslo ni dovolj močno. Zapomni si številko za zagon sistema Izbral si vrednost PIM, ki je večja od privzete vrednosti VeraCrypt.\nUpoštevaj, da bo to povzročilo veliko počasnejšo namestitev/zagon. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Izbral si osebni množitelj ponovitev (PIM), ki je manjši od privzete vrednosti VeraCrypt. Upoštevaj, da če tvoje geslo ni dovolj močno, lahko to povzroči šibkejšo varnost.\n\nAli potrjuješ, da uporabljaš močno geslo? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Največja vrednost množitelja osebnih ponovitev (PIM) za sistemsko šifriranje je 65535. PIM nosilca \n\nOPOZORILO: Na iskalni poti ključne datoteke so bile najdene skrite datoteke. Takih skritih datotek ni mogoče uporabiti kot ključne datoteke. Če jih želiš uporabiti kot ključne datoteke, odstrani njihov atribut 'Hidden' (z desno miškino tipko klikni vsako od njih, izberi 'Properties', počisti polje 'Hidden' in klikni OK). Opomba: Skrite datoteke so vidne samo, če je omogočena ustrezna možnost (Računalnik > Organiziraj > 'Možnosti mape in iskanja' > Pogled). @@ -1104,6 +1107,7 @@ Ta algoritem ni podprt za način TrueCrypt. PIM (Personal Iterations Multiplier) ni podprt v načinu TrueCrypt. Geslo mora vsebovati 20 ali več znakov, če želite uporabiti navedeni PIM.\nKrajša gesla je mogoče uporabiti le, če je PIM 485 ali višji. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Preverjanje pristnosti pred zagonom Geslo mora vsebovati 20 ali več znakov, če želiš uporabiti navedeni PIM.\nKrajša gesla je mogoče uporabiti samo, če je PIM 98 ali več. Ključne datoteke trenutno niso podprte za sistemsko šifriranje. Opozorilo: VeraCrypt ni mogel obnoviti prvotne postavitve tipkovnice. Zaradi tega lahko vneseš napačno geslo. diff --git a/Translations/Language.sv.xml b/Translations/Language.sv.xml index 429c9059..93691dab 100644 --- a/Translations/Language.sv.xml +++ b/Translations/Language.sv.xml @@ -644,10 +644,13 @@ Dold volym-PIM PIM för dolt operativsystem PIM (personlig iterationsmultiplikator) är ett värde som styr antalet iterationer som används av huvudnyckelhärledningen enligt följande:\n Iterationer = 15 000 + (PIM x 1000).\n\nNär det lämnas tomt eller ställs in på 0, kommer VeraCrypt att använda ett standardvärde (485) som garanterar en hög säkerhet.\n\nNär lösenordet är mindre än 20 tecken kan PIM inte vara mindre än 485 för att bibehålla en minimal säkerhetsnivå.\nNär lösenordet är 20 tecken eller mer, PIM kan ställas in på vilket värde som helst.\n\nEtt PIM-värde större än 485 leder till långsammare montering. Ett litet PIM-värde (mindre än 485) kommer att leda till en snabbare montering men det kan minska säkerheten om lösenordet inte är tillräckligt starkt. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (personlig iterationsmultiplikator) är ett värde som kontrollerar antalet iterationer som används av huvudnyckelns härledning enligt följande:\n Iterationer = PIM x 2048.\n\nNär det lämnas tomt eller inställt på 0, kommer VeraCrypt att använda ett standardvärde som garanterar en hög säkerhet.\n\nNär lösenordet är mindre än 20 tecken kan PIM inte vara mindre än 98 för att bibehålla en minimal säkerhetsnivå.\nNär lösenordet är 20 tecken eller mer kan PIM ställas in på valfri värde.\n\nEtt PIM-värde större än 98 leder till långsammare uppstart. Ett litet PIM-värde (mindre än 98) kommer att leda till en snabbare uppstart men det kan minska säkerheten om lösenordet inte är tillräckligt starkt. Kom ihåg numret för att starta systemet Du har valt ett PIM-värde som är större än VeraCrypts standardvärde.\nObservera att detta kommer att leda till mycket långsammare montering/start. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Du har valt en personlig iterationsmultiplikator (PIM) som är mindre än VeraCrypt-värdet. Observera att om ditt lösenord inte är tillräckligt starkt kan detta leda till en svagare säkerhet.\n\nBekräftar du att du använder ett starkt lösenord? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personlig iterationsmultiplikator (PIM) maxvärdet för systemkryptering är 65535. Volym-PIM \n\nVARNING: Dold fil/dolda filer har hittats i en sökväg för nyckelfil. Sådana dolda filer kan inte användas som nyckelfiler. Om du behöver använda dem som nyckelfiler, ta bort deras "Dold"-attribut (högerklicka på var och en av dem, välj "Egenskaper", avmarkera "Dold" och klicka på OK). Obs: Dolda filer är endast synliga om motsvarande alternativ är aktiverat (Dator > Organisera > "Mapp- och sökalternativ" > Visa). @@ -1104,6 +1107,7 @@ Den här algoritmen stöds inte för TrueCrypt-läge. PIM (personlig iterationsmultiplikator) stöds inte för TrueCrypt-läge. Lösenordet måste innehålla 20 eller fler tecken för att använda den angivna PIM.\nKortare lösenord kan endast användas om PIM är 485 eller högre. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Autentiseringenslösenordet före start måste innehålla 20 eller fler tecken för att använda den angivna PIM.\nKortare lösenord kan endast användas om PIM är 98 eller högre. Nyckelfiler stöds för närvarande inte vid systemkryptering. Varning: VeraCrypt kunde inte återställa den ursprungliga tangentbordslayouten. Detta kan orsaka att du anger ett felaktigt lösenord. diff --git a/Translations/Language.th.xml b/Translations/Language.th.xml index fd0f4227..42dbf189 100644 --- a/Translations/Language.th.xml +++ b/Translations/Language.th.xml @@ -644,10 +644,13 @@ PIM ของไดรฟ์ที่ซ่อน PIM สำหรับระบบปฏิบัติการที่ซ่อน PIM (Personal Iterations Multiplier) เป็นค่าที่ควบคุมจำนวนรอบที่ใช้ในการสกัดกั้นคีย์ต้นฉบับดังนี้:\n Iterations = 15000 + (PIM x 1000).\n\nเมื่อทิ้งว่างหรือกำหนดให้อยู่ที่ 0, VeraCrypt จะใช้ค่าเริ่มต้น (485) ที่รับรองความปลอดภัยสูงอยู่แล้ว\n\nหากรหัสผ่านน้อยกว่า 20 ตัวอักษร, PIM ไม่สามารถน้อยกว่า 485 เพื่อรักษาระดับความปลอดภัยขั้นต่ำ\nหากรหัสผ่านมี 20 ตัวอักษรหรือนานกว่านั้น, PIM สามารถตั้งค่าได้ทุกค่า\n\nค่า PIM ที่มากกว่า 485 จะนำไปสู่การเมานท์ที่ช้ากว่า ค่า PIM ขนาดเล็ก (น้อยกว่า 485) จะทำให้เมานท์เร็วขึ้นแต่จะลดความปลอดภัยหากรหัสผ่านไม่แข็งแรงพอ + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) เป็นค่าที่ควบคุมจำนวนรอบที่ใช้ในการสกัดกั้นคีย์ต้นฉบับดังนี้:\n Iterations = PIM x 2048.\n\nเมื่อทิ้งว่างหรือกำหนดให้อยู่ที่ 0, VeraCrypt จะใช้ค่าเริ่มต้นที่รับรองความปลอดภัยสูง\n\nหากรหัสผ่านน้อยกว่า 20 ตัวอักษร, PIM ไม่สามารถน้อยกว่า 98 เพื่อรักษาระดับความปลอดภัยขั้นต่ำ\nหากรหัสผ่านมี 20 ตัวอักษรหรือนานกว่านั้น, PIM สามารถตั้งค่าได้ทุกค่า\n\nค่า PIM ที่มากกว่า 98 จะนำไปสู่การบูตที่ช้ากว่า ค่า PIM ขนาดเล็ก (น้อยกว่า 98) จะทำให้บูตเร็วขึ้นแต่จะลดความปลอดภัยหากรหัสผ่านไม่แข็งแรงพอ จำจำนวนเพื่อบูตระบบ คุณได้เลือกค่า PIM ที่มากกว่าค่าเริ่มต้นของ VeraCrypt\nโปรดทราบว่าสิ่งนี้จะนำไปสู่การเมานท์/บูตที่ช้ากว่ามาก + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. คุณได้เลือก Personal Iterations Multiplier (PIM) ที่น้อยกว่าค่าเริ่มต้นของ VeraCrypt โปรดทราบว่าหากรหัสผ่านของคุณไม่แข็งแรงเพียงพอ สิ่งนี้อาจส่งผลให้ความปลอดภัยลดลง\n\nคุณยืนยันว่าคุณใช้รหัสผ่านที่แข็งแรงหรือไม่? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? ค่าสูงสุดของ Personal Iterations Multiplier (PIM) สำหรับการเข้ารหัสระบบคือ 65535 PIM ของไดรฟ์ \n\nคำเตือน: พบไฟล์ที่ซ่อนในเส้นทางการค้นหาคีย์ไฟล์ ไฟล์ที่ซ่อนไม่สามารถใช้เป็นคีย์ไฟล์ได้ หากคุณต้องการใช้เป็นคีย์ไฟล์ ให้ลบคุณสมบัติ 'ซ่อน' ออก (คลิกขวาที่แต่ละไฟล์, เลือก 'คุณสมบัติ', ยกเลิกเลือก 'ซ่อน' และคลิกตกลง) หมายเหตุ: ไฟล์ที่ซ่อนมองเห็นได้เฉพาะเมื่อเปิดตัวเลือกที่เกี่ยวข้อง (คอมพิวเตอร์ > จัดระเบียบ > 'ตัวเลือกโฟลเดอร์และการค้นหา' > มุมมอง) @@ -1104,6 +1107,7 @@ อัลกอริธึมนี้ไม่รองรับสำหรับโหมด TrueCrypt. PIM (ตัวคูณการวนซ้ำส่วนบุคคล) ไม่รองรับสำหรับโหมด TrueCrypt. รหัสผ่านต้องมีอักขระ 20 หลักขึ้นไปเพื่อใช้ PIM ที่ระบุ.\nรหัสผ่านที่สั้นกว่าจะใช้ได้ก็ต่อเมื่อ PIM มีค่า 485 หรือมากกว่า. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. รหัสผ่านก่อนบูทต้องมีอักขระ 20 หลักขึ้นไปเพื่อใช้ PIM ที่ระบุ.\nรหัสผ่านที่สั้นกว่าจะใช้ได้ก็ต่อเมื่อ PIM มีค่า 98 หรือมากกว่า. ไฟล์คีย์ยังไม่รองรับสำหรับการเข้ารหัสระบบ. คำเตือน: VeraCrypt ไม่สามารถคืนการเรียงลำดับแป้นพิมพ์เดิมได้. สิ่งนี้อาจทำให้คุณป้อนรหัสผ่านไม่ถูกต้อง. diff --git a/Translations/Language.tr.xml b/Translations/Language.tr.xml index 3ee472e9..92bc6ea4 100644 --- a/Translations/Language.tr.xml +++ b/Translations/Language.tr.xml @@ -644,10 +644,13 @@ Gizli birim kişisel çevrim çarpanı Gizli işletim sistemi kişisel çevrim çarpanı Kişisel çevrim çarpanı (PIM) değeri, üst bilgi anahtar türetme algoritması tarafından kullanılan çevrim sayısını şu şekilde kontrol eder:\n Çevrim = 15000 + (PIM x 1000).\n\nBoş bırakıldığında veya 0 olarak ayarlandığında VeraCrypt şunu yüksek güvenlik sağlayan varsayılan değeri (485) kullanır.\n\nParolanın uzunluğu 20 karakterden az olduğunda, en düşük güvenlik düzeyini korumak için PIM 485 değerinden küçük olamaz.\nParola uzunluğu 20 karakter veya daha fazla olduğunda, PIM herhangi bir değere ayarlanabilir.\n\n485 değerinden büyük bir PIM, bağlanmanın yavaşlamasına neden olur. Küçük bir PIM değeri (485 değerinden küçük) daha hızlı bir bağlanma sağlar ancak parola yeterince güçlü değilse güvenliği azaltabilir. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. Kişisel çevrim çarpanı (PIM) değeri, üst bilgi anahtar türetme algoritması tarafından kullanılan çevrim sayısını şu şekilde kontrol eder:\n Çevrim = PIM x 2048.\n\nBoş bırakıldığında veya 0 olarak ayarlandığında VeraCrypt yüksek güvenlik sağlayan varsayılan değeri kullanır.\n\nParolanın uzunluğu 20 karakterden az olduğunda, en düşük güvenlik düzeyini korumak için PIM 98 değerinden küçük olamaz.\nParola uzunluğu 20 karakter veya daha fazla olduğunda, PIM herhangi bir değere ayarlanabilir.\n\n98 değerinden büyük bir PIM, başlatmanın yavaşlamasına neden olur. Küçük bir PIM değeri (98 değerinden küçük) daha hızlı bir başlatma sağlar ancak parola yeterince güçlü değilse güvenliği azaltabilir. Birimi başlatmak için numara anımsansın Varsayılan VeraCrypt değerinden daha büyük bir kişisel çevrim çarpanı (PIM) değeri seçtiniz.\nLütfen bu değerin bağlanma ya da başlatmanın çok daha yavaş olmasına yol açacağını unutmayın. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Varsayılan VeraCrypt değerinden daha küçük bir kişisel çevrim çarpanı (PIM) seçtiniz. Lütfen parolanızın yeterince güçlü olmaması durumunda güvenliğin zayıflayabileceğini unutmayın.\n\nGüçlü bir parola kullandığınızı onaylıyor musunuz? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Sistem şifrelemesi için kişisel çevrim çarpanının (PIM) en büyük değeri 65535 olabilir. Birimin kişisel çevrim çarpanı \n\nUYARI: Anahtar dosya arama yolunda gizli dosyalar bulundu. Bu tür gizli dosyalar anahtar dosyalar olarak kullanılamaz. Bunları anahtar dosya olarak kullanmanız gerekiyorsa, 'Gizli' özelliklerini kaldırın (her birine sağ tıklayın, 'Özellikler' üzerine tıklayın, 'Gizli' kutusundaki işareti kaldırın ve 'Tamam' üzerine tıklayın). Not: Gizli dosyalar yalnızca ilgili seçenek etkinleştirildiğinde görünür ('Bilgisayar' > 'Organize et' > 'Klasör ve arama seçenekleri' > 'Görüntüle'). @@ -1104,6 +1107,7 @@ Bu algoritma TrueCrypt kipinde desteklenmiyor. KÇÇ (Kişisel Çevrim Çarpanı, PIM) TrueCrypt kipinde desteklenmiyor. Belirtilen KÇÇ değerinin kullanılabilmesi için parola 20 ya da daha fazla karakterden oluşmalıdır.\nDaha kısa parolalar için KÇÇ değeri 485 ya da daha büyük olmalıdır. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Belirtilen KÇÇ değerinin kullanılabilmesi için başlatma öncesi kimlik doğrulaması parolası 20 ya da daha fazla karakterden oluşmalıdır.\nDaha kısa parolalar için KÇÇ değeri 98 ya da daha büyük olmalıdır. Şu anda sistem şifrelemesi için anahtar dosyaları desteklenmiyor. Uyarı: VeraCrypt özgün klavye düzenini geri yükleyemedi. Bu durum, parolayı yanlış yazmanıza neden olabilir. diff --git a/Translations/Language.uk.xml b/Translations/Language.uk.xml index 4865750e..3cae3dc9 100644 --- a/Translations/Language.uk.xml +++ b/Translations/Language.uk.xml @@ -644,10 +644,13 @@ PIM прихованого тому PIM для прихованої операційної системи PIM (Приватний Множник Ітерацій) - це величина, яка контролює кількість ітерацій, використовуваних для виведення ключа заголовка наступним чином:\n Ітерації = 15000 + (PIM x 1000).\n\nЯкщо залишити порожнім або встановити на 0, VeraCrypt буде використовувати значення за замовчуванням (485), яке забезпечує високий рівень безпеки.\n\nЯкщо пароль менше 20 символів, PIM не може бути менше 485, щоб підтримувати мінімальний рівень безпеки.\nЯкщо пароль містить 20 або більше символів, PIM може бути встановлений на будь-яке значення.\n\nЗначення PIM більше 485 призведе до повільнішого монтування. Маленьке значення PIM (менше 485) призведе до швидшого монтування, але може знизити безпеку, якщо пароль недостатньо сильний. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Приватний Множник Ітерацій) - це величина, яка контролює кількість ітерацій, використовуваних для виведення ключа заголовка наступним чином:\n Ітерації = PIM x 2048.\n\nЯкщо залишити порожнім або встановити на 0, VeraCrypt буде використовувати значення за замовчуванням, яке забезпечує високий рівень безпеки.\n\nЯкщо пароль менше 20 символів, PIM не може бути менше 98, щоб підтримувати мінімальний рівень безпеки.\nЯкщо пароль містить 20 або більше символів, PIM може бути встановлений на будь-яке значення.\n\nЗначення PIM більше 98 призведе до повільнішого завантаження. Маленьке значення PIM (менше 98) призведе до швидшого завантаження, але може знизити безпеку, якщо пароль недостатньо сильний. Запам’ятайте номер для завантаження системи Ви вибрали значення PIM, яке більше значення за замовчуванням у VeraCrypt.\nБудь ласка, зверніть увагу, що це призведе до значно повільнішого монтування/завантаження. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. Ви вибрали Приватний Множник Ітерацій (PIM), який менший за значення за замовчуванням у VeraCrypt. Будь ласка, зверніть увагу, що якщо ваш пароль недостатньо сильний, це може спричинити меншу безпеку.\n\nВи підтверджуєте, що використовуєте сильний пароль? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Максимальне значення Приватного Множника Ітерацій (PIM) для системного шифрування становить 65535. PIM тому \n\nУвага! У шляху пошуку ключових файлів виявлені приховані файли. Приховані файли не можуть бути ключовими. Якщо ви бажаєте використовувати їх як ключові, зніміть у них атрибут 'Прихований' (на кожному з них правою кнопкою миші, виберіть 'Властивості', зніміть прапорець 'Прихований' і натисніть ГАРАЗД). Врахуйте, що приховані файли видно тільки при відповідному системному налаштуванні (Комп'ютер > Сервіс > Параметри тек (Властивості теки) > Вигляд). @@ -1104,6 +1107,7 @@ Цей алгоритм не підтримується в режимі TrueCrypt. PIM (Персональний множник ітерацій) не підтримується в режимі TrueCrypt. Пароль повинен містити 20 або більше символів для використання вказаного PIM.\nКоротші паролі можна використовувати лише якщо PIM становить 485 або більше. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Пароль автентифікації до завантаження повинен містити 20 або більше символів для використання вказаного PIM.\nКоротші паролі можна використовувати лише якщо PIM становить 98 або більше. В даний момент ключові файли для шифрування системи не підтримуються. Увага! VeraCrypt не може відновити первісну розкладку клавіатури. Це може призвести до неправильного введення пароля. diff --git a/Translations/Language.uz.xml b/Translations/Language.uz.xml index 24c1914e..6766bf9f 100644 --- a/Translations/Language.uz.xml +++ b/Translations/Language.uz.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. В настоящий момент ключевые файлы для шифрования системы не поддерживаются. Внимание! VeraCrypt не может восстановить первоначальную раскладку клавиатуры. Это может привести к неправильному вводу пароля. diff --git a/Translations/Language.vi.xml b/Translations/Language.vi.xml index 1d60da35..4bcc0ea9 100644 --- a/Translations/Language.vi.xml +++ b/Translations/Language.vi.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Các tập tin khóa hiện không được hỗ trợ cho việc mã hóa hệ thống. Cảnh báo: VeraCrypt không thể hồi phục bố trí bàn phím gốc được. Chuyện này có thể làm cho bạn đánh mật mã không đúng vào. diff --git a/Translations/Language.zh-cn.xml b/Translations/Language.zh-cn.xml index bbf437df..eded32c4 100644 --- a/Translations/Language.zh-cn.xml +++ b/Translations/Language.zh-cn.xml @@ -645,10 +645,13 @@ 隐藏卷 PIM 隐形操作系统 PIM PIM (自定迭代次数) 是一个控制头部密钥迭代次数的值,当导出头部密钥时会像这样使用:\n 迭代次数 = 15000 + (PIM x 1000) \n\n当这个值留空或设为0时,VeraCrypt会使用默认值(485)来确保安全性。\n\n当使用20位以下的密码时,为了保证维持最小的安全性,PIM的值不能小于485。\n当使用20位以上的密码时,PIM的值可以任意自定。\n\nPIM大于485可能导致加密卷的挂载速度下降。PIM小于485可能会提高挂载速度,但是如果您的密码强度不足,这会降低安全性。 + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (自定迭代次数) 是一个控制头部密钥迭代次数的值,当导出头部密钥时会向这样使用:\n 迭代次数 = (PIM x 2048) \n\n当这个值留空或设为0时,VeraCrypt会使用默认值(98)来确保安全性。\n\n当使用20位以下的密码时,为了保证维持最小的安全性,PIM的值不能小于98。\n当使用20位以上的密码时,PIM的值可以任意自定。\n\nPIM大于98可能导致启动速度下降。PIM小于485可能会提高启动速度,但是如果您的密码强度不足,这会降低安全性。 记住所启动的系统的PIM 您选择了一个大于VeraCrypt默认值的PIM。\n注意这可能使挂载/启动速度下降。 + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. 您选择了一个小于VeraCrypt默认值的PIM。\n注意如果您的密码强度不够强,这会是一个安全隐患。\n\n您确定您在使用一个强密码? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? 对于系统加密,自定迭代倍数 (PIM) 的最大值是65535。 卷 PIM \n\n警告:在密钥文件搜索路径中存在隐藏文件。此类隐藏文件无法被用作密钥文件。如果您需要将它们当作密钥文件使用,请去除它们的“隐藏”属性(使用鼠标右键点击文件,选择“属性”,去除勾选“隐藏”标志再点击“确定”按钮)。注意:隐藏文件仅在启用相关选项后才可见(我的电脑 -> 工具 -> 文件夹选项 -> 查看)。 @@ -1105,6 +1108,7 @@ 当使用TrueCrypt模式时不能使用这个算法。 当使用TrueCrypt模式时不能使用PIM 。 要使用这个PIM数值,您的密码必须大于20个字符。\n如果密码小于20个字符,只能使用485以上的PIM。 + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. 要使用这个PIM数值,您的启动验证密码必须大于20个字符。\n如果密码小于20个字符,只能使用98以上的PIM。 密钥文件当前不支持用在系统加密中。 警告:VeraCrypt 不能存储原始键盘布局。这可能导致您无法正确输入密码。 diff --git a/Translations/Language.zh-hk.xml b/Translations/Language.zh-hk.xml index 8cd899dd..a208330e 100644 --- a/Translations/Language.zh-hk.xml +++ b/Translations/Language.zh-hk.xml @@ -644,10 +644,13 @@ 隱藏加密區 PIM 隱藏系統 PIM PIM (個人迭代倍數, Personal Iterations Multiplier)是一個標頭數據加密鑰衍生演算法用來控制迭代次數數目的數值如下所示:\n 迭代次數 = 15000 + (PIM x 1000)。\n\n當該數值留空或設定為 0 時,VeraCrypt 將會使用預設數值 (485) 以確保高度的安全性。\n\n當密碼的長度短於 20 字元時,PIM 的數值不可少於 485 以保持最低限度的安全性程度。\n當密碼的長度是 20 或更長時, PIM 可以設定為任何數值。\n\n一個大於 485 的 PIM 數值會引致掛載速度緩慢。一個細的 PIM 數值 (少於 485) 將可以令掛載速度較快,但如果同時密碼強度不足的話則會降低安全性。 + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (個人迭代倍數, Personal Iterations Multiplier)是一個標頭數據加密鑰衍生演算法用來控制迭代次數數目的數值如下所示:\n 迭代次數 = PIM x 2048.\n\n。\n\n當該數值留空或設定為 0 時,VeraCrypt 將會使用預設數值以確保高度的安全性。\n\n當密碼的長度短於 20 字元時,PIM 的數值不可少於 98 以保持最低限度的安全性程度。\n當密碼的長度是 20 或更長時, PIM 可以設定為任何數值。\n\n一個大於 98 的 PIM 數值會引致開機速度緩慢。一個細的 PIM 數值 (少於 98) 將可以令開機速度較快,但如果同時密碼強度不足的話則會降低安全性。 記住這個用來重新啟動系統的數字 選擇了一個大於 VeraCrypt 預設的 PIM 值。\n請注意這樣會造成掛載/啟動速度變慢。 + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. 你已選擇了數值細於預設的個人迭代倍數(Personal Iterations Multiplier, PIM)。請注意如你的密碼強度不足的話,將會引致較弱的安全性。\n\n你是否確認會使用一個強度高的密碼? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? 用於系統加密的個人迭代倍數(Personal Iterations Multiplier, PIM) 最大數值為 65535 加密區 PIM \n\n警告:在加密鑰檔案的搜尋路徑中找到一個或多個的隱藏的檔案,這些檔案將不會用作加密鑰檔案。如你想要使用這些檔案作為加密鑰檔案,請移除這些檔案的隱藏屬性 (右按每個檔案然後選擇 [內容],取消剔選 [隱藏] 然後按 [確定])。請注意:隱藏檔案只會在相關選項啟用時才會被顯示 (本機 > 整理 > [變更資料夾和搜尋選項] > 檢示)。 @@ -1104,6 +1107,7 @@ 此演算法不支援 TrueCrypt 模式。 TrueCrypt 模式不支援 PIM (Personal Iterations Multiplier) 密碼必須含有 20 或更多的字元長度以使用所指定的 PIM。\nPIM 需要是 485 或更高才可以使用較短的密碼。 + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. 啟動前驗證密碼必須含有 20 個或更多的字元以使用這個 PIM 數值。\n只可以在 PIM 的數值是 98 或更大時才可以使用較短的密碼。 加密鑰檔案目前並不支援用於系統加密。 警告:VeraCrypt 不能儲存原始鍵盤配置。這可能導致你無法正確輸入密碼。 diff --git a/Translations/Language.zh-tw.xml b/Translations/Language.zh-tw.xml index 92f58c1c..874e4fea 100644 --- a/Translations/Language.zh-tw.xml +++ b/Translations/Language.zh-tw.xml @@ -644,10 +644,13 @@ Hidden Volume PIM PIM for Hidden Operating System PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough. PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough. Remember Number to Boot System You have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting. You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password? Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535. Volume PIM \n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode. PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode. Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater. Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater. Keyfiles are currently not supported for system encryption. >警告:VeraCrypt 不能回復原始鍵盤配置。這可能導致您輸入不正確的密碼。 diff --git a/doc/html/en/Personal Iterations Multiplier (PIM).html b/doc/html/en/Personal Iterations Multiplier (PIM).html index 4f3a6384..aebd0fea 100644 --- a/doc/html/en/Personal Iterations Multiplier (PIM).html +++ b/doc/html/en/Personal Iterations Multiplier (PIM).html @@ -79,7 +79,7 @@ The time cost increases by 1 iteration for every 3 increments of PIM when PIM
  • Argon2id defaults: Memory Cost = 416 MiB, Time Cost = 6 iterations (equivalent to PIM = 12)
    • @@ -99,16 +99,16 @@ When creating a volume or when changing the password, the user has the possibili
    During the creation of a volume or the encryption of the system, VeraCrypt forces the PIM value to be greater than or equal to a certain minimal value when the password is less than 20 characters. This check is done in order to ensure that, for short passwords, the security level is at least equal to the default level provided by an empty PIM.
     
    -
    The PIM minimal value for short passwords is 98 for system encryption that doesn't use SHA-512 or Whirlpool and -485 for the other cases. For password with 20 characters and more, the PIM minimal value is -1. In all cases, leaving the PIM empty or setting its value to 0 will make VeraCrypt use the default high number of iterations as explained in section +
    The PIM minimal value for short passwords is 12 for Argon2id volumes, 98 for system encryption that doesn't use SHA-512 or Whirlpool, and +485 for PBKDF2-HMAC in the other cases. For password with 20 characters and more, the PIM minimal value is +1. In all cases, leaving the PIM empty or setting its value to 0 will make VeraCrypt use the default KDF parameters as explained in section Header Key Derivation.

    Motivations behind using a custom PIM value can be:
    • Add an extra secret parameter (PIM) that an attacker will have to guess
    • Increase security level by using large PIM values to thwart future development of brute force attacks. -
    • Speeding up booting or mounting through the use of a small PIM value (less than 98 for system encryption that doesn't use SHA-512 or Whirlpool and less than 485 for the other cases) +
    • Speeding up booting or mounting through the use of a small PIM value (less than 12 for Argon2id volumes, less than 98 for system encryption that doesn't use SHA-512 or Whirlpool, and less than 485 for PBKDF2-HMAC in the other cases)

    The screenshots below show the step to mount a volume using a PIM equal to 231:

    diff --git a/src/Common/Common.rc b/src/Common/Common.rc index 47c0e930..fd20e426 100644 --- a/src/Common/Common.rc +++ b/src/Common/Common.rc @@ -84,7 +84,7 @@ BEGIN COMBOBOX IDC_PKCS5_PRF_ID,134,154,91,90,CBS_DROPDOWNLIST | WS_TABSTOP EDITTEXT IDC_PIM,134,174,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE CONTROL "Use P&IM",IDC_PIM_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,134,179,97,10 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,181,177,121,8,NOT WS_VISIBLE + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,181,177,121,8,NOT WS_VISIBLE CONTROL "&Display password",IDC_SHOW_PASSWORD_MO,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,134,192,90,10 CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE_HIDVOL_PROT,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,134,205,90,10 PUSHBUTTON "&Keyfiles...",IDC_KEYFILES_HIDVOL_PROT,239,201,60,14 diff --git a/src/Common/Crypto.h b/src/Common/Crypto.h index 84ab4b79..ea0ddb64 100644 --- a/src/Common/Crypto.h +++ b/src/Common/Crypto.h @@ -66,6 +66,7 @@ enum #define BLAKE2S_BLOCKSIZE 64 #define BLAKE2S_DIGESTSIZE 32 +#define BLAKE2B_DIGESTSIZE 64 #define SHA256_BLOCKSIZE 64 #define SHA256_DIGESTSIZE 32 diff --git a/src/Common/Language.xml b/src/Common/Language.xml index 614714ac..da3cf436 100644 --- a/src/Common/Language.xml +++ b/src/Common/Language.xml @@ -152,8 +152,8 @@ Mount Opti&ons...Mount volume as read-&onlyKeyfiles... - (Empty or 0 for default iterations) - (Empty or 0 for default iterations) + (Empty or 0 for defaults) + (Empty or 0 for defaults)EnabledCache passwords in driver memoryAuto-unmount volume after no data has been read/written to it for @@ -644,10 +644,13 @@ Hidden Volume PIMPIM for Hidden Operating SystemPIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = 15000 + (PIM x 1000).\n\nWhen left empty or set to 0, VeraCrypt will use a default value (485) that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 485 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 485 will lead to slower mount. A small PIM value (less than 485) will lead to a quicker mount but it can reduce security if the password is not strong enough. + PIM (Personal Iterations Multiplier) controls the memory and time costs used by Argon2id header key derivation as follows:\n Memory = min(64 MiB + ((PIM - 1) x 32 MiB), 1024 MiB)\n Iterations = 3 + ((PIM - 1) / 3) for PIM 31 or lower, then 13 + (PIM - 31)\n\nWhen left empty or set to 0, VeraCrypt will use the default Argon2 PIM (12), which uses 416 MiB of memory and 6 iterations.\n\nWhen the password is less than 20 characters, Argon2 PIM can't be smaller than 12 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, Argon2 PIM can be set to any value.\n\nAn Argon2 PIM larger than 12 increases memory usage up to 1024 MiB and then increases iterations. This will lead to slower mounting. A small Argon2 PIM (less than 12) will lead to quicker mounting but it can reduce security if the password is not strong enough.PIM (Personal Iterations Multiplier) is a value that controls the number of iterations used by the header key derivation as follows:\n Iterations = PIM x 2048.\n\nWhen left empty or set to 0, VeraCrypt will use a default value that ensures a high security.\n\nWhen the password is less than 20 characters, PIM can't be smaller than 98 in order to maintain a minimal security level.\nWhen the password is 20 characters or more, PIM can be set to any value.\n\nA PIM value larger than 98 will lead to slower boot. A small PIM value (less than 98) will lead to a quicker boot but it can reduce security if the password is not strong enough.Remember Number to Boot SystemYou have chosen a PIM value that is larger than VeraCrypt default value.\nPlease note that this will lead to much slower mount/boot. + You have chosen an Argon2 PIM value that is larger than VeraCrypt default value.\nPlease note that this can require more memory and lead to much slower mounting.You have chosen a Personal Iterations Multiplier (PIM) that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to a weaker security.\n\nDo you confirm that you are using a strong password? + You have chosen an Argon2 PIM value that is smaller than the default VeraCrypt value. Please note that if your password is not strong enough, this could lead to weaker security.\n\nDo you confirm that you are using a strong password?Personal Iterations Multiplier (PIM) maximum value for system encryption is 65535.Volume PIM\n\nWARNING: Hidden file(s) have been found in a keyfile search path. Such hidden files cannot be used as keyfiles. If you need to use them as keyfiles, remove their 'Hidden' attribute (right-click each of them, select 'Properties', uncheck 'Hidden' and click OK). Note: Hidden files are visible only if the corresponding option is enabled (Computer > Organize > 'Folder and search options' > View). @@ -1104,6 +1107,7 @@ This algorithm is not supported for TrueCrypt mode.PIM (Personal Iterations Multiplier) not supported for TrueCrypt mode.Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 485 or greater. + Password must contain 20 or more characters in order to use the specified Argon2 PIM.\nShorter passwords can only be used if the Argon2 PIM is 12 or greater.Pre-boot authentication Password must contain 20 or more characters in order to use the specified PIM.\nShorter passwords can only be used if the PIM is 98 or greater.Keyfiles are currently not supported for system encryption.Warning: VeraCrypt could not restore the original keyboard layout. This may cause you to enter a password incorrectly. diff --git a/src/Common/Password.c b/src/Common/Password.c index 59f01e37..f2b53315 100644 --- a/src/Common/Password.c +++ b/src/Common/Password.c @@ -136,13 +136,32 @@ BOOL CheckPasswordCharEncoding (HWND hPassword, Password *ptrPw) BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim, BOOL bForBoot, int bootPRF, BOOL bSkipPasswordWarning, BOOL bSkipPimWarning) { - BOOL bootPimCondition = (bForBoot && (bootPRF != SHA512 && bootPRF != WHIRLPOOL))? TRUE : FALSE; - BOOL bCustomPimSmall = ((pim != 0) && (pim < (bootPimCondition? 98 : bootPRF == ARGON2? 12 : 485)))? TRUE : FALSE; + BOOL bootPimCondition = FALSE; + BOOL argon2PimCondition = FALSE; + int defaultPim; + BOOL bCustomPimSmall; + const char *pimRequireLongPasswordMessage = "PIM_REQUIRE_LONG_PASSWORD"; + const char *pimLargeWarningMessage = "PIM_LARGE_WARNING"; + const char *pimSmallWarningMessage = "PIM_SMALL_WARNING"; +#ifndef VC_DCS_DISABLE_ARGON2 + argon2PimCondition = (bootPRF == ARGON2)? TRUE : FALSE; +#endif + bootPimCondition = (!argon2PimCondition && bForBoot && (bootPRF != SHA512 && bootPRF != WHIRLPOOL))? TRUE : FALSE; + defaultPim = bootPimCondition? 98 : argon2PimCondition? 12 : 485; + bCustomPimSmall = ((pim != 0) && (pim < defaultPim))? TRUE : FALSE; + if (bootPimCondition) + pimRequireLongPasswordMessage = "BOOT_PIM_REQUIRE_LONG_PASSWORD"; + else if (argon2PimCondition) + { + pimRequireLongPasswordMessage = "PIM_ARGON2_REQUIRE_LONG_PASSWORD"; + pimLargeWarningMessage = "PIM_ARGON2_LARGE_WARNING"; + pimSmallWarningMessage = "PIM_ARGON2_SMALL_WARNING"; + } if (passwordLength < PASSWORD_LEN_WARNING) { if (bCustomPimSmall) { - Error (bootPimCondition? "BOOT_PIM_REQUIRE_LONG_PASSWORD": "PIM_REQUIRE_LONG_PASSWORD", hwndDlg); + Error (pimRequireLongPasswordMessage, hwndDlg); return FALSE; } @@ -154,15 +173,15 @@ BOOL CheckPasswordLength (HWND hwndDlg, unsigned __int32 passwordLength, int pim #ifndef _DEBUG else if (bCustomPimSmall) { - if (!bSkipPimWarning && AskWarnNoYes ("PIM_SMALL_WARNING", hwndDlg) != IDYES) + if (!bSkipPimWarning && AskWarnNoYes (pimSmallWarningMessage, hwndDlg) != IDYES) return FALSE; } #endif - if ((pim != 0) && (pim > (bootPimCondition? 98 : bootPRF == ARGON2? 12 : 485))) + if ((pim != 0) && (pim > defaultPim)) { // warn that mount/boot will take more time - Warning ("PIM_LARGE_WARNING", hwndDlg); + Warning (pimLargeWarningMessage, hwndDlg); } return TRUE; @@ -404,6 +423,12 @@ int ChangePwd (const wchar_t *lpszVolume, Password *oldPassword, int old_pkcs5, if (pkcs5 != 0) cryptoInfo->pkcs5 = pkcs5; + if (pkcs5 == 0 && old_pkcs5 == 0 && !CheckPasswordLength (hwndDlg, newPassword->Length, pim, FALSE, cryptoInfo->pkcs5, TRUE, FALSE)) + { + nStatus = ERR_USER_ABORT; + goto error; + } + RandSetHashFunction (cryptoInfo->pkcs5); NormalCursor(); @@ -567,4 +592,3 @@ error: return nStatus; } - diff --git a/src/Common/Pkcs5.c b/src/Common/Pkcs5.c index 24dfce10..f1b816e3 100644 --- a/src/Common/Pkcs5.c +++ b/src/Common/Pkcs5.c @@ -1337,15 +1337,16 @@ int is_pkcs5_prf_supported (int pkcs5_prf_id, PRF_BOOT_TYPE bootType) } #ifndef VC_DCS_DISABLE_ARGON2 -void derive_key_argon2(const unsigned char *pwd, int pwd_len, const unsigned char *salt, int salt_len, uint32 iterations, uint32 memcost, unsigned char *dk, int dklen, volatile long *pAbortKeyDerivation) +int derive_key_argon2(const unsigned char *pwd, int pwd_len, const unsigned char *salt, int salt_len, uint32 iterations, uint32 memcost, unsigned char *dk, int dklen, volatile long *pAbortKeyDerivation) { + int result; #if defined (DEVICE_DRIVER) && !defined(_M_ARM64) NTSTATUS saveStatus = STATUS_INVALID_PARAMETER; XSTATE_SAVE SaveState; if (HasSAVX2()) saveStatus = KeSaveExtendedProcessorState(XSTATE_MASK_GSSE, &SaveState); #endif - if (0 != argon2id_hash_raw( + result = argon2id_hash_raw( iterations, // number of iterations memcost, // memory cost in KiB 1, // parallelism factor (number of threads) @@ -1353,15 +1354,17 @@ void derive_key_argon2(const unsigned char *pwd, int pwd_len, const unsigned cha salt, salt_len, // salt and its length dk, dklen,// derived key and its length pAbortKeyDerivation - )) + ); + if (0 != result) { - // If the Argon2 derivation fails, we fill the derived key with zeroes + // If the Argon2 derivation fails, ensure unchecked legacy callers cannot use stale data. memset(dk, 0, dklen); } #if defined (DEVICE_DRIVER) && !defined(_M_ARM64) if (NT_SUCCESS(saveStatus)) KeRestoreExtendedProcessorState(&SaveState); #endif + return result; } /** diff --git a/src/Common/Pkcs5.h b/src/Common/Pkcs5.h index cbd23940..7e4f993a 100644 --- a/src/Common/Pkcs5.h +++ b/src/Common/Pkcs5.h @@ -45,7 +45,7 @@ int get_pkcs5_iteration_count (int pkcs5_prf_id, int pim, BOOL bBoot, int* pMemo wchar_t *get_kdf_name (int kdf_id); #ifndef VC_DCS_DISABLE_ARGON2 -void derive_key_argon2(const unsigned char *pwd, int pwd_len, const unsigned char *salt, int salt_len, uint32 iterations, uint32 memcost, unsigned char *dk, int dklen, long volatile *pAbortKeyDerivation); +int derive_key_argon2(const unsigned char *pwd, int pwd_len, const unsigned char *salt, int salt_len, uint32 iterations, uint32 memcost, unsigned char *dk, int dklen, long volatile *pAbortKeyDerivation); void get_argon2_params(int pim, int* pIterations, int* pMemcost); #endif diff --git a/src/Common/Random.c b/src/Common/Random.c index cadce0c0..ece8f985 100644 --- a/src/Common/Random.c +++ b/src/Common/Random.c @@ -277,11 +277,14 @@ BOOL Randmix () digestSize = SHA256_DIGESTSIZE; break; - #ifndef WOLFCRYPT_BACKEND - case BLAKE2S: - case ARGON2: // in case of Argon2, we use Blake2s - digestSize = BLAKE2S_DIGESTSIZE; - break; + #ifndef WOLFCRYPT_BACKEND + case BLAKE2S: + digestSize = BLAKE2S_DIGESTSIZE; + break; + + case ARGON2: + digestSize = BLAKE2B_DIGESTSIZE; + break; case WHIRLPOOL: digestSize = WHIRLPOOL_DIGESTSIZE; @@ -366,10 +369,13 @@ BOOL Randmix () break; #ifndef WOLFCRYPT_BACKEND - case BLAKE2S: - case ARGON2: // in case of Argon2, we use Blake2s - burn (&bctx, sizeof(bctx)); - break; + case BLAKE2S: + burn (&bctx, sizeof(bctx)); + break; + + case ARGON2: + burn (&b2ctx, sizeof(b2ctx)); + break; case WHIRLPOOL: burn (&wctx, sizeof(wctx)); @@ -974,4 +980,3 @@ BOOL FastPoll (void) return TRUE; } - diff --git a/src/Common/Random.h b/src/Common/Random.h index df26d7b7..be6f85c9 100644 --- a/src/Common/Random.h +++ b/src/Common/Random.h @@ -21,7 +21,8 @@ extern "C" { /* RNG defines & pool pointers */ #define RNG_POOL_SIZE 320 // Must be divisible by the size of the output of each of the implemented hash functions. (in bytes) -#if RNG_POOL_SIZE % SHA512_DIGESTSIZE || RNG_POOL_SIZE % WHIRLPOOL_DIGESTSIZE || RNG_POOL_SIZE % BLAKE2S_DIGESTSIZE +#if RNG_POOL_SIZE % SHA512_DIGESTSIZE || RNG_POOL_SIZE % WHIRLPOOL_DIGESTSIZE || RNG_POOL_SIZE % BLAKE2S_DIGESTSIZE \ + || (!defined(VC_DCS_DISABLE_ARGON2) && RNG_POOL_SIZE % BLAKE2B_DIGESTSIZE) #error RNG_POOL_SIZE must be divisible by the size of the output of each of the implemented hash functions. #endif diff --git a/src/Core/Core.h b/src/Core/Core.h index bb7264fa..5c86169b 100644 --- a/src/Core/Core.h +++ b/src/Core/Core.h @@ -76,6 +76,7 @@ namespace VeraCrypt int m_pim; shared_ptr m_kdf; shared_ptr m_keyfiles; + shared_ptr m_openVolume; shared_ptr m_newPassword; int m_newPim; shared_ptr m_newKeyfiles; @@ -83,10 +84,15 @@ namespace VeraCrypt int m_wipeCount; bool m_emvSupportEnabled; bool m_masterKeyVulnerable; - ChangePasswordThreadRoutine(shared_ptr volumePath, bool preserveTimestamps, shared_ptr password, int pim, shared_ptr kdf, shared_ptr keyfiles, shared_ptr newPassword, int newPim, shared_ptr newKeyfiles, shared_ptr newPkcs5Kdf, int wipeCount, bool emvSupportEnabled) : m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_pim(pim), m_kdf(kdf), m_keyfiles(keyfiles), m_newPassword(newPassword), m_newPim(newPim), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount), m_emvSupportEnabled(emvSupportEnabled), m_masterKeyVulnerable(false) {} + ChangePasswordThreadRoutine(shared_ptr volumePath, bool preserveTimestamps, shared_ptr password, int pim, shared_ptr kdf, shared_ptr keyfiles, shared_ptr newPassword, int newPim, shared_ptr newKeyfiles, shared_ptr newPkcs5Kdf, int wipeCount, bool emvSupportEnabled) : m_volumePath(volumePath), m_preserveTimestamps(preserveTimestamps), m_password(password), m_pim(pim), m_kdf(kdf), m_keyfiles(keyfiles), m_openVolume(), m_newPassword(newPassword), m_newPim(newPim), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount), m_emvSupportEnabled(emvSupportEnabled), m_masterKeyVulnerable(false) {} + ChangePasswordThreadRoutine(shared_ptr openVolume, shared_ptr newPassword, int newPim, shared_ptr newKeyfiles, shared_ptr newPkcs5Kdf, int wipeCount, bool emvSupportEnabled) : m_volumePath(), m_preserveTimestamps(false), m_password(), m_pim(0), m_kdf(), m_keyfiles(), m_openVolume(openVolume), m_newPassword(newPassword), m_newPim(newPim), m_newKeyfiles(newKeyfiles), m_newPkcs5Kdf(newPkcs5Kdf), m_wipeCount(wipeCount), m_emvSupportEnabled(emvSupportEnabled), m_masterKeyVulnerable(false) {} virtual ~ChangePasswordThreadRoutine() { } virtual void ExecutionCode(void) { - shared_ptr openVolume = Core->ChangePassword(m_volumePath, m_preserveTimestamps, m_password, m_pim, m_kdf, m_keyfiles, m_newPassword, m_newPim, m_newKeyfiles, m_emvSupportEnabled, m_newPkcs5Kdf, m_wipeCount); + shared_ptr openVolume = m_openVolume; + if (openVolume) + Core->ChangePassword(openVolume, m_newPassword, m_newPim, m_newKeyfiles, m_emvSupportEnabled, m_newPkcs5Kdf, m_wipeCount); + else + openVolume = Core->ChangePassword(m_volumePath, m_preserveTimestamps, m_password, m_pim, m_kdf, m_keyfiles, m_newPassword, m_newPim, m_newKeyfiles, m_emvSupportEnabled, m_newPkcs5Kdf, m_wipeCount); m_masterKeyVulnerable = openVolume->IsMasterKeyVulnerable(); } }; diff --git a/src/Core/CoreBase.cpp b/src/Core/CoreBase.cpp index 2cf35e10..d2fac9ae 100644 --- a/src/Core/CoreBase.cpp +++ b/src/Core/CoreBase.cpp @@ -67,7 +67,9 @@ namespace VeraCrypt else RandomNumberGenerator::GetDataFast (newSalt); - newPkcs5Kdf->DeriveKey (newHeaderKey, *password, newPim, newSalt); + int derivationResult = newPkcs5Kdf->DeriveKey (newHeaderKey, *password, newPim, newSalt); + if (derivationResult != 0) + throw ExternalException (SRC_POS, newPkcs5Kdf->GetDerivationFailureMessage (derivationResult)); openVolume->ReEncryptHeader (backupHeader, newSalt, newHeaderKey, newPkcs5Kdf); openVolume->GetFile()->Flush(); @@ -289,7 +291,9 @@ namespace VeraCrypt shared_ptr passwordKey (Keyfile::ApplyListToPassword (keyfiles, password, emvSupportEnabled)); RandomNumberGenerator::GetData (newSalt); - pkcs5Kdf->DeriveKey (newHeaderKey, *passwordKey, pim, newSalt); + int derivationResult = pkcs5Kdf->DeriveKey (newHeaderKey, *passwordKey, pim, newSalt); + if (derivationResult != 0) + throw ExternalException (SRC_POS, pkcs5Kdf->GetDerivationFailureMessage (derivationResult)); header->EncryptNew (newHeaderBuffer, newSalt, newHeaderKey, pkcs5Kdf); } diff --git a/src/Core/VolumeCreator.cpp b/src/Core/VolumeCreator.cpp index 68697871..d4b1a110 100644 --- a/src/Core/VolumeCreator.cpp +++ b/src/Core/VolumeCreator.cpp @@ -143,7 +143,9 @@ namespace VeraCrypt SecureBuffer backupHeaderSalt (VolumeHeader::GetSaltSize()); RandomNumberGenerator::GetData (backupHeaderSalt); - Options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, Options->Pim, backupHeaderSalt); + int derivationResult = Options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, Options->Pim, backupHeaderSalt); + if (derivationResult != 0) + throw ExternalException (SRC_POS, Options->VolumeHeaderKdf->GetDerivationFailureMessage (derivationResult)); Layout->GetHeader()->EncryptNew (backupHeader, backupHeaderSalt, HeaderKey, Options->VolumeHeaderKdf); @@ -316,7 +318,9 @@ namespace VeraCrypt // Header key HeaderKey.Allocate (VolumeHeader::GetLargestSerializedKeySize()); PasswordKey = Keyfile::ApplyListToPassword (options->Keyfiles, options->Password, options->EMVSupportEnabled); - options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, options->Pim, salt); + int derivationResult = options->VolumeHeaderKdf->DeriveKey (HeaderKey, *PasswordKey, options->Pim, salt); + if (derivationResult != 0) + throw ExternalException (SRC_POS, options->VolumeHeaderKdf->GetDerivationFailureMessage (derivationResult)); headerOptions.HeaderKey = HeaderKey; header->Create (headerBuffer, headerOptions); diff --git a/src/ExpandVolume/ExpandVolume.rc b/src/ExpandVolume/ExpandVolume.rc index 35741121..25de006c 100644 --- a/src/ExpandVolume/ExpandVolume.rc +++ b/src/ExpandVolume/ExpandVolume.rc @@ -97,7 +97,7 @@ BEGIN RTEXT "Password:",IDT_PASSWORD,0,10,65,13 RTEXT "KDF:",IDT_KDF,0,27,65,13 RTEXT "Volume PIM:",IDT_PIM,0,46,65,13,NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,189,8,NOT WS_VISIBLE + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,115,46,189,8,NOT WS_VISIBLE END IDD_EXPAND_PROGRESS_DLG DIALOGEX 0, 0, 376, 283 diff --git a/src/Format/Format.rc b/src/Format/Format.rc index 19dbad09..0c333dfa 100644 --- a/src/Format/Format.rc +++ b/src/Format/Format.rc @@ -230,7 +230,7 @@ BEGIN EDITTEXT IDC_PASSWORD_DIRECT,75,2,198,14,ES_PASSWORD | ES_AUTOHSCROLL COMBOBOX IDC_PKCS5_PRF_ID,75,17,131,90,CBS_DROPDOWNLIST | WS_TABSTOP EDITTEXT IDC_PIM,75,32,42,14,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER | NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,121,34,152,8,NOT WS_VISIBLE + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,121,34,152,8,NOT WS_VISIBLE CONTROL "&Display password",IDC_SHOW_PASSWORD_SINGLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,75,46,109,11,WS_EX_TRANSPARENT CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,75,57,106,11 PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,188,54,85,14 @@ -449,7 +449,7 @@ BEGIN CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,74,17,196,10 LTEXT "",IDC_BOX_HELP,0,32,273,142 RTEXT "Volume PIM:",IDT_PIM,1,3,69,8 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,120,3,153,8 + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,120,3,153,8 LTEXT "Information on PIM",IDC_LINK_PIM_INFO,0,179,273,8,SS_NOTIFY END diff --git a/src/Format/Tcformat.c b/src/Format/Tcformat.c index 0972430f..c4bc71b8 100644 --- a/src/Format/Tcformat.c +++ b/src/Format/Tcformat.c @@ -792,6 +792,22 @@ static BOOL CreatingHiddenSysVol (void) && bHiddenVol && !bHiddenVolHost); } +static const char *GetPimHelpStringId (int pkcs5Prf, BOOL systemEncryption) +{ +#if !defined (WOLFCRYPT_BACKEND) && !defined (VC_DCS_DISABLE_ARGON2) + if (pkcs5Prf == ARGON2) + return "PIM_ARGON2_HELP"; +#endif +#ifndef WOLFCRYPT_BACKEND + if (systemEncryption && pkcs5Prf != SHA512 && pkcs5Prf != WHIRLPOOL) + return "PIM_SYSENC_HELP"; +#else + if (systemEncryption && pkcs5Prf != SHA512) + return "PIM_SYSENC_HELP"; +#endif + return "PIM_HELP"; +} + static void LoadSettingsAndCheckModified (HWND hwndDlg, BOOL bOnlyCheckModified, BOOL* pbSettingsModified, BOOL* pbHistoryModified) { if (!bOnlyCheckModified) @@ -4500,11 +4516,7 @@ BOOL CALLBACK PageDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa } SetFocus (GetDlgItem (hwndDlg, IDC_PIM)); - #ifndef WOLFCRYPT_BACKEND - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect () && hash_algo != SHA512 && hash_algo != WHIRLPOOL? "PIM_SYSENC_HELP" : "PIM_HELP")); - #else - SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (SysEncInEffect () && hash_algo != SHA512? "PIM_SYSENC_HELP" : "PIM_HELP")); - #endif + SetWindowTextW (GetDlgItem (hwndDlg, IDC_BOX_HELP), GetString (GetPimHelpStringId (hash_algo, SysEncInEffect ()))); ToHyperlink (hwndDlg, IDC_LINK_PIM_INFO); if (CreatingHiddenSysVol()) diff --git a/src/FormatDLL/VeraCryptFormatSDK.cpp b/src/FormatDLL/VeraCryptFormatSDK.cpp index e841c0c1..dbbc14d7 100644 --- a/src/FormatDLL/VeraCryptFormatSDK.cpp +++ b/src/FormatDLL/VeraCryptFormatSDK.cpp @@ -205,7 +205,7 @@ static int CreateVolumeInternal(const VeraCryptFormatOptions* options) if (options->password) { - if (!CheckPasswordLength(NULL, (int)strlen(options->password), options->pim, FALSE, 0, TRUE, TRUE)) + if (!CheckPasswordLength(NULL, (int)strlen(options->password), options->pim, FALSE, hash_algo, TRUE, TRUE)) { return VCF_ERROR_PASSWORD_POLICY; } diff --git a/src/FormatDLL/VeraCryptFormatSDK.h b/src/FormatDLL/VeraCryptFormatSDK.h index 5f77cdbb..6f971e22 100644 --- a/src/FormatDLL/VeraCryptFormatSDK.h +++ b/src/FormatDLL/VeraCryptFormatSDK.h @@ -66,7 +66,7 @@ typedef struct _VeraCryptFormatOptions /** The encryption algorithm to use. E.g., L"AES", L"Serpent", L"Twofish", L"AES-Twofish-Serpent". */ const wchar_t* encryptionAlgorithm; - /** The header key derivation and random pool hash algorithm. E.g., L"SHA-512", L"RIPEMD-160", L"Whirlpool", L"BLAKE2s-256", L"SHA-256". */ + /** The header key derivation algorithm and random pool hash selector. E.g., L"Argon2" (Argon2id KDF), L"SHA-512", L"RIPEMD-160", L"Whirlpool", L"BLAKE2s-256", L"SHA-256". */ const wchar_t* hashAlgorithm; /** The filesystem for the new volume. E.g., L"NTFS", L"FAT", L"ExFAT", L"ReFS", or L"None". */ diff --git a/src/Main/CommandLineInterface.cpp b/src/Main/CommandLineInterface.cpp index 870537a6..74c1a676 100644 --- a/src/Main/CommandLineInterface.cpp +++ b/src/Main/CommandLineInterface.cpp @@ -18,9 +18,30 @@ #include "CommandLineInterface.h" #include "LanguageStrings.h" #include "UserInterfaceException.h" +#include "Volume/Pkcs5Kdf.h" namespace VeraCrypt { + static shared_ptr FindKdfAlgorithm (const wxString &name) + { + foreach (shared_ptr kdf, Pkcs5Kdf::GetAvailableAlgorithms()) + { + wxString kdfName (kdf->GetName()); + shared_ptr hash = kdf->GetHash(); + wxString hashName (hash->GetName()); + wxString hashAltName (hash->GetAltName()); + if (kdfName.IsSameAs (name, false) + || (kdf->IsArgon2() && name.IsSameAs (L"Argon2id", false))) + return kdf; + + if (!kdf->IsArgon2() + && (hashName.IsSameAs (name, false) || hashAltName.IsSameAs (name, false))) + return kdf; + } + + return shared_ptr (); + } + CommandLineInterface::CommandLineInterface (int argc, wchar_t** argv, UserInterfaceType::Enum interfaceType) : ArgCommand (CommandId::None), ArgFilesystem (VolumeCreationOptions::FilesystemType::Unknown), @@ -67,7 +88,7 @@ namespace VeraCrypt #if !defined(TC_WINDOWS) && !defined(TC_MACOSX) parser.AddOption (L"", L"fs-options", _("Filesystem mount options")); #endif - parser.AddOption (L"", L"hash", _("Hash algorithm")); + parser.AddOption (L"", L"hash", _("Header key derivation algorithm")); parser.AddSwitch (L"h", L"help", _("Display detailed command line help"), wxCMD_LINE_OPTION_HELP); parser.AddSwitch (L"", L"import-token-keyfiles", _("Import keyfiles to security token")); parser.AddOption (L"k", L"keyfiles", _("Keyfiles")); @@ -78,7 +99,7 @@ namespace VeraCrypt parser.AddSwitch (L"", L"load-preferences", _("Load user preferences")); parser.AddSwitch (L"", L"mount", _("Mount volume interactively")); parser.AddOption (L"m", L"mount-options", _("VeraCrypt volume mount options")); - parser.AddOption (L"", L"new-hash", _("New hash algorithm")); + parser.AddOption (L"", L"new-hash", _("New header key derivation algorithm")); parser.AddOption (L"", L"new-keyfiles", _("New keyfiles")); parser.AddOption (L"", L"new-password", _("New password")); parser.AddOption (L"", L"new-pim", _("New PIM")); @@ -87,7 +108,7 @@ namespace VeraCrypt parser.AddOption (L"p", L"password", _("Password")); parser.AddOption (L"", L"pim", _("PIM")); parser.AddOption (L"", L"protect-hidden", _("Protect hidden volume")); - parser.AddOption (L"", L"protection-hash", _("Hash algorithm for protected hidden volume")); + parser.AddOption (L"", L"protection-hash", _("Header key derivation algorithm for protected hidden volume")); parser.AddOption (L"", L"protection-keyfiles", _("Keyfiles for protected hidden volume")); parser.AddOption (L"", L"protection-password", _("Password for protected hidden volume")); parser.AddOption (L"", L"protection-pim", _("PIM for protected hidden volume")); @@ -396,15 +417,7 @@ namespace VeraCrypt if (parser.Found (L"hash", &str)) { - ArgHash.reset(); - - foreach (shared_ptr hash, Hash::GetAvailableAlgorithms()) - { - wxString hashName (hash->GetName()); - wxString hashAltName (hash->GetAltName()); - if (hashName.IsSameAs (str, false) || hashAltName.IsSameAs (str, false)) - ArgHash = hash; - } + ArgHash = FindKdfAlgorithm (str); if (!ArgHash) throw_err (LangString["UNKNOWN_OPTION"] + L": " + str); @@ -412,15 +425,7 @@ namespace VeraCrypt if (parser.Found (L"new-hash", &str)) { - ArgNewHash.reset(); - - foreach (shared_ptr hash, Hash::GetAvailableAlgorithms()) - { - wxString hashName (hash->GetName()); - wxString hashAltName (hash->GetAltName()); - if (hashName.IsSameAs (str, false) || hashAltName.IsSameAs (str, false)) - ArgNewHash = hash; - } + ArgNewHash = FindKdfAlgorithm (str); if (!ArgNewHash) throw_err (LangString["UNKNOWN_OPTION"] + L": " + str); @@ -558,19 +563,11 @@ namespace VeraCrypt if (parser.Found (L"protection-hash", &str)) { - bool bHashFound = false; - foreach (shared_ptr hash, Hash::GetAvailableAlgorithms()) - { - wxString hashName (hash->GetName()); - wxString hashAltName (hash->GetAltName()); - if (hashName.IsSameAs (str, false) || hashAltName.IsSameAs (str, false)) - { - bHashFound = true; - ArgMountOptions.ProtectionKdf = Pkcs5Kdf::GetAlgorithm (*hash); - } - } + shared_ptr kdf = FindKdfAlgorithm (str); + if (kdf) + ArgMountOptions.ProtectionKdf = kdf; - if (!bHashFound) + if (!kdf) throw_err (LangString["UNKNOWN_OPTION"] + L": " + str); } diff --git a/src/Main/CommandLineInterface.h b/src/Main/CommandLineInterface.h index 237d10c3..6889edb7 100644 --- a/src/Main/CommandLineInterface.h +++ b/src/Main/CommandLineInterface.h @@ -20,6 +20,7 @@ #include "Core/VolumeCreator.h" #include "UserPreferences.h" #include "UserInterfaceType.h" +#include "Volume/Pkcs5Kdf.h" namespace VeraCrypt { @@ -66,11 +67,11 @@ namespace VeraCrypt shared_ptr ArgFilePath; VolumeCreationOptions::FilesystemType::Enum ArgFilesystem; bool ArgForce; - shared_ptr ArgHash; + shared_ptr ArgHash; shared_ptr ArgKeyfiles; MountOptions ArgMountOptions; shared_ptr ArgMountPoint; - shared_ptr ArgNewHash; + shared_ptr ArgNewHash; shared_ptr ArgNewKeyfiles; shared_ptr ArgNewPassword; int ArgNewPim; diff --git a/src/Main/Forms/BenchmarkDialog.cpp b/src/Main/Forms/BenchmarkDialog.cpp index 915ca20e..a701f725 100644 --- a/src/Main/Forms/BenchmarkDialog.cpp +++ b/src/Main/Forms/BenchmarkDialog.cpp @@ -299,7 +299,9 @@ namespace VeraCrypt for (int i = 1; i <= 2; i++) { - prf->DeriveKey (dk, password, pim, salt); + int derivationResult = prf->DeriveKey (dk, password, pim, salt); + if (derivationResult != 0) + throw ExternalException (SRC_POS, prf->GetDerivationFailureMessage (derivationResult)); } time = (uint64) (wxGetLocalTimeMillis().GetValue() - startTime.GetValue()); diff --git a/src/Main/Forms/ChangePasswordDialog.cpp b/src/Main/Forms/ChangePasswordDialog.cpp index 701e599a..9224c1f2 100644 --- a/src/Main/Forms/ChangePasswordDialog.cpp +++ b/src/Main/Forms/ChangePasswordDialog.cpp @@ -18,6 +18,65 @@ namespace VeraCrypt { + static bool CheckCustomPimForPassword (VolumePasswordPanel *pimPanel, const shared_ptr &password, int pim, const shared_ptr &kdf) + { + int defaultPim = kdf ? kdf->GetDefaultPim() : 0; + if (!password || password->Size() == 0 || pim <= 0 || defaultPim <= 0 || pim >= defaultPim) + return true; + + if (password->Size() < VolumePassword::SmallPimPasswordSizeThreshold) + { + Gui->ShowError (kdf ? kdf->GetPimRequireLongPasswordMessageId() : "PIM_REQUIRE_LONG_PASSWORD"); + pimPanel->SetFocusToPimTextCtrl(); + return false; + } + + if (!Gui->AskYesNo (LangString [kdf ? kdf->GetPimSmallWarningMessageId() : "PIM_SMALL_WARNING"], false, true)) + { + pimPanel->SetFocusToPimTextCtrl(); + return false; + } + + return true; + } + + static bool CheckCustomPimForKdfOnlyChange (VolumePasswordPanel *pimPanel, const shared_ptr &password, const shared_ptr &kdf, int currentPim) + { + int defaultPim = kdf ? kdf->GetDefaultPim() : 0; + if (!kdf || !password || password->Size() == 0 || currentPim <= 0 || defaultPim <= 0 || currentPim == defaultPim) + return true; + + if (currentPim < defaultPim) + return CheckCustomPimForPassword (pimPanel, password, currentPim, kdf); + + Gui->ShowWarning (kdf->GetPimLargeWarningMessageId()); + return true; + } + + static bool CheckPasswordChangeWarnings (VolumePasswordPanel *passwordPanel, const shared_ptr &password, int pim, const shared_ptr &kdf) + { + if (!password || password->Size() == 0) + return true; + + if (password->Size() < VolumePassword::WarningSizeThreshold) + { + if (!CheckCustomPimForPassword (passwordPanel, password, pim, kdf)) + return false; + + if (!Gui->AskYesNo (LangString ["PASSWORD_LENGTH_WARNING"], false, true)) + { + passwordPanel->SetFocusToPasswordTextCtrl(); + return false; + } + } + else if (!CheckCustomPimForPassword (passwordPanel, password, pim, kdf)) + { + return false; + } + + return true; + } + #ifdef TC_MACOSX bool ChangePasswordDialog::ProcessEvent(wxEvent& event) @@ -102,11 +161,17 @@ namespace VeraCrypt { shared_ptr currentKdf = CurrentPasswordPanel->GetPkcs5Kdf(); int currentPim = CurrentPasswordPanel->GetVolumePim(); + shared_ptr newKdf = NewPasswordPanel->GetPkcs5Kdf(); if (-1 == currentPim) { CurrentPasswordPanel->SetFocusToPimTextCtrl(); return; } + shared_ptr currentPassword = CurrentPasswordPanel->GetPassword(); + shared_ptr currentKeyfiles = CurrentPasswordPanel->GetKeyfiles(); + bool preserveTimestamps = Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps; + bool emvSupportEnabled = Gui->GetPreferences().EMVSupportEnabled; + int headerWipeCount = NewPasswordPanel->GetHeaderWipeCount(); shared_ptr newPassword; int newPim = 0; @@ -128,50 +193,47 @@ namespace VeraCrypt NewPasswordPanel->SetFocusToPimTextCtrl(); return; } - - if (newPassword->Size() > 0) - { - if (newPassword->Size() < VolumePassword::WarningSizeThreshold) - { - if (newPim > 0 && newPim < 485) - { - Gui->ShowError ("PIM_REQUIRE_LONG_PASSWORD"); - return; - } - - if (!Gui->AskYesNo (LangString ["PASSWORD_LENGTH_WARNING"], false, true)) - { - NewPasswordPanel->SetFocusToPasswordTextCtrl(); - return; - } - } - else if (newPim > 0 && newPim < 485) - { - if (!Gui->AskYesNo (LangString ["PIM_SMALL_WARNING"], false, true)) - { - NewPasswordPanel->SetFocusToPimTextCtrl(); - return; - } - } - } } else { - newPassword = CurrentPasswordPanel->GetPassword(); + newPassword = currentPassword; newPim = CurrentPasswordPanel->GetVolumePim(); } + if (DialogMode == Mode::ChangePkcs5Prf) + { + if (!CheckCustomPimForKdfOnlyChange (CurrentPasswordPanel, newPassword, newKdf, currentPim)) + return; + } + shared_ptr newKeyfiles; if (DialogMode == Mode::ChangePasswordAndKeyfiles || DialogMode == Mode::ChangeKeyfiles) newKeyfiles = NewPasswordPanel->GetKeyfiles(); else if (DialogMode != Mode::RemoveAllKeyfiles) - newKeyfiles = CurrentPasswordPanel->GetKeyfiles(); - - /* force the display of the random enriching interface */ - RandomNumberGenerator::SetEnrichedByUserStatus (false); - Gui->UserEnrichRandomPool (this, NewPasswordPanel->GetPkcs5Kdf() ? NewPasswordPanel->GetPkcs5Kdf()->GetHash() : shared_ptr ()); + newKeyfiles = currentKeyfiles; + shared_ptr effectiveNewKdf = newKdf ? newKdf : currentKdf; + shared_ptr openVolume; bool masterKeyVulnerable = false; + // If the unchanged KDF is not known yet, open the header before applying KDF-specific PIM limits. + bool needOpenVolumeForKdf = DialogMode == Mode::ChangePasswordAndKeyfiles + && !effectiveNewKdf + && newPassword->Size() > 0 + && newPim > 0; + + if (!needOpenVolumeForKdf) + { + if (DialogMode == Mode::ChangePasswordAndKeyfiles + && !CheckPasswordChangeWarnings (NewPasswordPanel, newPassword, newPim, effectiveNewKdf)) + { + return; + } + + /* force the display of the random enriching interface */ + RandomNumberGenerator::SetEnrichedByUserStatus (false); + Gui->UserEnrichRandomPool (this, newKdf ? newKdf->GetHash() : shared_ptr ()); + } + { #ifdef TC_UNIX // Temporarily take ownership of a device if the user is not an administrator @@ -189,12 +251,47 @@ namespace VeraCrypt Core->SetFileOwner (finally_arg, finally_arg2); }); #endif - wxBusyCursor busy; - ChangePasswordThreadRoutine routine(Path, Gui->GetPreferences().DefaultMountOptions.PreserveTimestamps, - CurrentPasswordPanel->GetPassword(), CurrentPasswordPanel->GetVolumePim(), CurrentPasswordPanel->GetPkcs5Kdf(), CurrentPasswordPanel->GetKeyfiles(), - newPassword, newPim, newKeyfiles, NewPasswordPanel->GetPkcs5Kdf(), NewPasswordPanel->GetHeaderWipeCount(), Gui->GetPreferences().EMVSupportEnabled); - Gui->ExecuteWaitThreadRoutine (this, &routine); - masterKeyVulnerable = routine.m_masterKeyVulnerable; + if (needOpenVolumeForKdf) + { + wxBusyCursor busy; + OpenVolumeThreadRoutine openRoutine(Path, preserveTimestamps, currentPassword, currentPim, currentKdf, currentKeyfiles, emvSupportEnabled); + Gui->ExecuteWaitThreadRoutine (this, &openRoutine); + openVolume = openRoutine.m_pVolume; + if (openVolume) + effectiveNewKdf = openVolume->GetPkcs5Kdf(); + if (!effectiveNewKdf) + throw ParameterIncorrect (SRC_POS); + } + + if (needOpenVolumeForKdf) + { + if (!CheckPasswordChangeWarnings (NewPasswordPanel, newPassword, newPim, effectiveNewKdf)) + { + // The volume was opened only to detect its KDF; no header rewrite has started. + return; + } + + /* force the display of the random enriching interface */ + RandomNumberGenerator::SetEnrichedByUserStatus (false); + Gui->UserEnrichRandomPool (this, newKdf ? newKdf->GetHash() : shared_ptr ()); + } + + if (openVolume) + { + wxBusyCursor busy; + ChangePasswordThreadRoutine routine(openVolume, newPassword, newPim, newKeyfiles, newKdf, headerWipeCount, emvSupportEnabled); + Gui->ExecuteWaitThreadRoutine (this, &routine); + masterKeyVulnerable = routine.m_masterKeyVulnerable; + } + else + { + wxBusyCursor busy; + ChangePasswordThreadRoutine routine(Path, preserveTimestamps, + currentPassword, currentPim, currentKdf, currentKeyfiles, + newPassword, newPim, newKeyfiles, newKdf, headerWipeCount, emvSupportEnabled); + Gui->ExecuteWaitThreadRoutine (this, &routine); + masterKeyVulnerable = routine.m_masterKeyVulnerable; + } } switch (DialogMode) diff --git a/src/Main/Forms/EncryptionOptionsWizardPage.cpp b/src/Main/Forms/EncryptionOptionsWizardPage.cpp index 29d23f35..a7d04995 100644 --- a/src/Main/Forms/EncryptionOptionsWizardPage.cpp +++ b/src/Main/Forms/EncryptionOptionsWizardPage.cpp @@ -12,7 +12,7 @@ #include "System.h" #include "Volume/EncryptionTest.h" -#include "Volume/Hash.h" +#include "Volume/Pkcs5Kdf.h" #include "Main/GraphicUserInterface.h" #include "BenchmarkDialog.h" #include "EncryptionOptionsWizardPage.h" @@ -36,11 +36,11 @@ namespace VeraCrypt EncryptionAlgorithmChoice->Select (0); - Hashes = Hash::GetAvailableAlgorithms(); - foreach (shared_ptr hash, Hashes) + Kdfs = Pkcs5Kdf::GetAvailableAlgorithms(); + foreach (shared_ptr kdf, Kdfs) { - if (!hash->IsDeprecated()) - HashChoice->Append (hash->GetName(), hash.get()); + if (!kdf->IsDeprecated()) + HashChoice->Append (kdf->GetName(), kdf.get()); } HashChoice->Select (0); @@ -68,9 +68,9 @@ namespace VeraCrypt return Gui->GetSelectedData (EncryptionAlgorithmChoice)->GetNew(); } - shared_ptr EncryptionOptionsWizardPage::GetHash () const + shared_ptr EncryptionOptionsWizardPage::GetPkcs5Kdf () const { - return Gui->GetSelectedData (HashChoice)->GetNew(); + return shared_ptr (Gui->GetSelectedData (HashChoice)->Clone()); } void EncryptionOptionsWizardPage::OnBenchmarkButtonClick (wxCommandEvent& event) @@ -155,9 +155,9 @@ namespace VeraCrypt } } - void EncryptionOptionsWizardPage::SetHash (shared_ptr hash) + void EncryptionOptionsWizardPage::SetPkcs5Kdf (shared_ptr kdf) { - if (hash) - HashChoice->SetStringSelection (hash->GetName()); + if (kdf) + HashChoice->SetStringSelection (kdf->GetName()); } } diff --git a/src/Main/Forms/EncryptionOptionsWizardPage.h b/src/Main/Forms/EncryptionOptionsWizardPage.h index 6a8e12f9..f8aa2a21 100644 --- a/src/Main/Forms/EncryptionOptionsWizardPage.h +++ b/src/Main/Forms/EncryptionOptionsWizardPage.h @@ -14,6 +14,7 @@ #define TC_HEADER_Main_Forms_EncryptionOptionsWizardPage #include "Forms.h" +#include "Volume/Pkcs5Kdf.h" namespace VeraCrypt { @@ -26,11 +27,11 @@ namespace VeraCrypt ~EncryptionOptionsWizardPage (); #endif shared_ptr GetEncryptionAlgorithm () const; - shared_ptr GetHash () const; + shared_ptr GetPkcs5Kdf () const; bool IsValid () { return true; } void SetPageText (const wxString &text) { } void SetEncryptionAlgorithm (shared_ptr algorithm); - void SetHash (shared_ptr hash); + void SetPkcs5Kdf (shared_ptr kdf); protected: void OnBenchmarkButtonClick (wxCommandEvent& event); @@ -44,7 +45,7 @@ namespace VeraCrypt void HandleOnSize( wxSizeEvent& event ); #endif EncryptionAlgorithmList EncryptionAlgorithms; - HashList Hashes; + Pkcs5KdfList Kdfs; }; } diff --git a/src/Main/Forms/MainFrame.cpp b/src/Main/Forms/MainFrame.cpp index c9efd405..d6f82a84 100644 --- a/src/Main/Forms/MainFrame.cpp +++ b/src/Main/Forms/MainFrame.cpp @@ -651,7 +651,7 @@ namespace VeraCrypt MountOptions mountOptions (GetPreferences().DefaultMountOptions); if (CmdLine->ArgHash) { - mountOptions.Kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); + mountOptions.Kdf = CmdLine->ArgHash; } if (CmdLine->ArgPim > 0) { @@ -676,7 +676,7 @@ namespace VeraCrypt MountOptions mountOptions (GetPreferences().DefaultMountOptions); if (CmdLine->ArgHash) { - mountOptions.Kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); + mountOptions.Kdf = CmdLine->ArgHash; } if (CmdLine->ArgPim > 0) { @@ -707,7 +707,7 @@ namespace VeraCrypt mountOptions.Path = GetSelectedVolumePath(); if (CmdLine->ArgHash) { - mountOptions.Kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); + mountOptions.Kdf = CmdLine->ArgHash; } if (CmdLine->ArgPim > 0) { @@ -962,7 +962,7 @@ namespace VeraCrypt MountOptions mountOptions (GetPreferences().DefaultMountOptions); if (CmdLine->ArgHash) { - mountOptions.Kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); + mountOptions.Kdf = CmdLine->ArgHash; } if (CmdLine->ArgPim > 0) { diff --git a/src/Main/Forms/VolumeCreationWizard.cpp b/src/Main/Forms/VolumeCreationWizard.cpp index b394085f..4d0c107d 100644 --- a/src/Main/Forms/VolumeCreationWizard.cpp +++ b/src/Main/Forms/VolumeCreationWizard.cpp @@ -174,7 +174,7 @@ namespace VeraCrypt page->SetPageTitle (LangString["CIPHER_TITLE"]); page->SetEncryptionAlgorithm (SelectedEncryptionAlgorithm); - page->SetHash (SelectedHash); + page->SetPkcs5Kdf (SelectedKdf); return page; } @@ -249,7 +249,7 @@ namespace VeraCrypt else page->SetPageTitle (LangString["PIM_TITLE"]); - page->SetPageText (LangString["PIM_HELP"]); + page->SetPageText (LangString[SelectedKdf ? SelectedKdf->GetPimHelpMessageId() : "PIM_HELP"]); page->SetVolumePim (Pim); return page; } @@ -708,10 +708,10 @@ namespace VeraCrypt { EncryptionOptionsWizardPage *page = dynamic_cast (GetCurrentPage()); SelectedEncryptionAlgorithm = page->GetEncryptionAlgorithm (); - SelectedHash = page->GetHash (); + SelectedKdf = page->GetPkcs5Kdf (); if (forward) - RandomNumberGenerator::SetHash (SelectedHash); + RandomNumberGenerator::SetHash (SelectedKdf->GetHash()); if (SelectedVolumePath.IsDevice() && (OuterVolume || SelectedVolumeType != VolumeType::Hidden)) return Step::VolumePassword; @@ -870,17 +870,23 @@ namespace VeraCrypt if (forward && Password && !Password->IsEmpty()) { - if (Password->Size() < VolumePassword::WarningSizeThreshold) + if (!SelectedKdf) { - if (Pim > 0 && Pim < 485) + Gui->ShowError ("PARAMETER_INCORRECT"); + return GetCurrentStep(); + } + + if (Password->Size() < VolumePassword::SmallPimPasswordSizeThreshold) + { + if (Pim > 0 && Pim < SelectedKdf->GetDefaultPim()) { - Gui->ShowError ("PIM_REQUIRE_LONG_PASSWORD"); + Gui->ShowError (SelectedKdf->GetPimRequireLongPasswordMessageId()); return GetCurrentStep(); } } - else if (Pim > 0 && Pim < 485) + else if (Pim > 0 && Pim < SelectedKdf->GetDefaultPim()) { - if (!Gui->AskYesNo (LangString["PIM_SMALL_WARNING"], false, true)) + if (!Gui->AskYesNo (LangString[SelectedKdf->GetPimSmallWarningMessageId()], false, true)) { return GetCurrentStep(); } @@ -1031,7 +1037,7 @@ namespace VeraCrypt options->Quick = QuickFormatEnabled; options->Size = VolumeSize; options->Type = OuterVolume ? VolumeType::Normal : SelectedVolumeType; - options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*SelectedHash); + options->VolumeHeaderKdf = SelectedKdf; options->EMVSupportEnabled = Gui->GetPreferences().EMVSupportEnabled; diff --git a/src/Main/Forms/VolumeCreationWizard.h b/src/Main/Forms/VolumeCreationWizard.h index d53e47be..cccdae00 100644 --- a/src/Main/Forms/VolumeCreationWizard.h +++ b/src/Main/Forms/VolumeCreationWizard.h @@ -87,7 +87,7 @@ namespace VeraCrypt int OuterPim; shared_ptr Kdf; uint32 SectorSize; - shared_ptr SelectedHash; + shared_ptr SelectedKdf; uint64 VolumeSize; private: diff --git a/src/Main/GraphicUserInterface.h b/src/Main/GraphicUserInterface.h index 8d27634c..adcb75ad 100644 --- a/src/Main/GraphicUserInterface.h +++ b/src/Main/GraphicUserInterface.h @@ -34,7 +34,7 @@ namespace VeraCrypt virtual void BackupVolumeHeaders (shared_ptr volumePath) const; virtual void BeginBusyState () const { wxBeginBusyCursor(); } virtual void BeginInteractiveBusyState (wxWindow *window); - virtual void ChangePassword (shared_ptr volumePath = shared_ptr (), shared_ptr password = shared_ptr (), int pim = 0, shared_ptr currentHash = shared_ptr (), shared_ptr keyfiles = shared_ptr (), shared_ptr newPassword = shared_ptr (), int newPim = 0, shared_ptr newKeyfiles = shared_ptr (), shared_ptr newHash = shared_ptr ()) const { ThrowTextModeRequired(); } + virtual void ChangePassword (shared_ptr volumePath = shared_ptr (), shared_ptr password = shared_ptr (), int pim = 0, shared_ptr currentKdf = shared_ptr (), shared_ptr keyfiles = shared_ptr (), shared_ptr newPassword = shared_ptr (), int newPim = 0, shared_ptr newKeyfiles = shared_ptr (), shared_ptr newKdf = shared_ptr ()) const { ThrowTextModeRequired(); } wxHyperlinkCtrl *CreateHyperlink (wxWindow *parent, const wxString &linkUrl, const wxString &linkText) const; virtual void CreateKeyfile (shared_ptr keyfilePath = shared_ptr ()) const; virtual void CreateVolume (shared_ptr options) const { ThrowTextModeRequired(); } diff --git a/src/Main/TextUserInterface.cpp b/src/Main/TextUserInterface.cpp index 8c5328cc..2ff21a5a 100644 --- a/src/Main/TextUserInterface.cpp +++ b/src/Main/TextUserInterface.cpp @@ -30,6 +30,30 @@ namespace VeraCrypt { + static bool CheckCustomPimForPassword (const TextUserInterface *ui, const shared_ptr &password, int pim, const shared_ptr &kdf, bool interactive) + { + int defaultPim = kdf ? kdf->GetDefaultPim() : 0; + if (!password || password->Size() == 0 || pim <= 0 || defaultPim <= 0 || pim >= defaultPim) + return true; + + if (password->Size() < VolumePassword::SmallPimPasswordSizeThreshold) + { + const char *messageId = kdf ? kdf->GetPimRequireLongPasswordMessageId() : "PIM_REQUIRE_LONG_PASSWORD"; + if (interactive) + { + ui->ShowError (messageId); + return false; + } + + throw_err (LangString [messageId]); + } + + if (interactive && !ui->AskYesNo (LangString [kdf ? kdf->GetPimSmallWarningMessageId() : "PIM_SMALL_WARNING"], false, true)) + return false; + + return true; + } + class AdminPasswordTextRequestHandler : public GetStringFunctor { public: @@ -295,11 +319,7 @@ namespace VeraCrypt ShowInfo ("EXTERNAL_VOL_HEADER_BAK_FIRST_INFO"); - shared_ptr kdf; - if (CmdLine->ArgHash) - { - kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); - } + shared_ptr kdf = CmdLine->ArgHash; shared_ptr normalVolume; shared_ptr hiddenVolume; @@ -468,7 +488,7 @@ namespace VeraCrypt ShowWarning ("ERR_XTS_MASTERKEY_VULNERABLE"); } - void TextUserInterface::ChangePassword (shared_ptr volumePath, shared_ptr password, int pim, shared_ptr currentHash, shared_ptr keyfiles, shared_ptr newPassword, int newPim, shared_ptr newKeyfiles, shared_ptr newHash) const + void TextUserInterface::ChangePassword (shared_ptr volumePath, shared_ptr password, int pim, shared_ptr currentKdf, shared_ptr keyfiles, shared_ptr newPassword, int newPim, shared_ptr newKeyfiles, shared_ptr newKdf) const { shared_ptr volume; @@ -487,11 +507,7 @@ namespace VeraCrypt bool passwordInteractive = !password.get(); bool keyfilesInteractive = !keyfiles.get(); - shared_ptr kdf; - if (currentHash) - { - kdf = Pkcs5Kdf::GetAlgorithm (*currentHash); - } + shared_ptr kdf = currentKdf; while (true) { @@ -555,8 +571,24 @@ namespace VeraCrypt newPassword = AskPassword (_("Enter new password"), true); // New PIM - if ((newPim < 0) && !Preferences.NonInteractive) - newPim = AskPim (_("Enter new PIM")); + shared_ptr effectiveNewKdf = newKdf ? newKdf : volume->GetPkcs5Kdf(); + bool newPimInteractive = false; + while (true) + { + if ((newPim < 0) && !Preferences.NonInteractive) + { + newPim = AskPim (_("Enter new PIM")); + newPimInteractive = true; + } + + if (CheckCustomPimForPassword (this, newPassword, newPim, effectiveNewKdf, !Preferences.NonInteractive)) + break; + + if (!newPimInteractive) + throw UserAbort (SRC_POS); + + newPim = -1; + } // New keyfiles if (!newKeyfiles.get() && !Preferences.NonInteractive) @@ -571,8 +603,7 @@ namespace VeraCrypt RandomNumberGenerator::SetEnrichedByUserStatus (false); UserEnrichRandomPool(); - Core->ChangePassword (volume, newPassword, newPim, newKeyfiles, true, - newHash ? Pkcs5Kdf::GetAlgorithm (*newHash) : shared_ptr ()); + Core->ChangePassword (volume, newPassword, newPim, newKeyfiles, true, newKdf); ShowInfo ("PASSWORD_CHANGED"); } @@ -845,27 +876,26 @@ namespace VeraCrypt options->EA = encryptionAlgorithms[AskSelection (encryptionAlgorithms.size(), 1) - 1]; } - // Hash algorithm + // Header key derivation function if (!options->VolumeHeaderKdf) { if (Preferences.NonInteractive) throw MissingArgument (SRC_POS); - ShowInfo (_("\nHash algorithm:")); + ShowInfo (_("\nKey derivation function:")); - vector < shared_ptr > hashes; - foreach (shared_ptr hash, Hash::GetAvailableAlgorithms()) + vector < shared_ptr > kdfs; + foreach (shared_ptr kdf, Pkcs5Kdf::GetAvailableAlgorithms()) { - if (!hash->IsDeprecated()) + if (!kdf->IsDeprecated()) { - ShowString (StringFormatter (L" {0}) {1}\n", (uint32) hashes.size() + 1, hash->GetName())); - hashes.push_back (hash); + ShowString (StringFormatter (L" {0}) {1}\n", (uint32) kdfs.size() + 1, kdf->GetName())); + kdfs.push_back (kdf); } } - shared_ptr selectedHash = hashes[AskSelection (hashes.size(), 1) - 1]; - RandomNumberGenerator::SetHash (selectedHash); - options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*selectedHash); + options->VolumeHeaderKdf = kdfs[AskSelection (kdfs.size(), 1) - 1]; + RandomNumberGenerator::SetHash (options->VolumeHeaderKdf->GetHash()); } @@ -939,10 +969,23 @@ namespace VeraCrypt } // PIM - if ((options->Pim < 0) && !Preferences.NonInteractive) + bool pimInteractive = false; + while (true) { - ShowString (L"\n"); - options->Pim = AskPim (_("Enter PIM")); + if ((options->Pim < 0) && !Preferences.NonInteractive) + { + ShowString (L"\n"); + options->Pim = AskPim (_("Enter PIM")); + pimInteractive = true; + } + + if (CheckCustomPimForPassword (this, options->Password, options->Pim, options->VolumeHeaderKdf, !Preferences.NonInteractive)) + break; + + if (!pimInteractive) + throw UserAbort (SRC_POS); + + options->Pim = -1; } // Keyfiles @@ -1546,11 +1589,7 @@ namespace VeraCrypt // Ask whether to restore internal or external backup bool restoreInternalBackup; - shared_ptr kdf; - if (CmdLine->ArgHash) - { - kdf = Pkcs5Kdf::GetAlgorithm (*CmdLine->ArgHash); - } + shared_ptr kdf = CmdLine->ArgHash; ShowInfo (LangString["HEADER_RESTORE_EXTERNAL_INTERNAL"]); ShowInfo (L"\n1) " + LangString["HEADER_RESTORE_INTERNAL"]); @@ -1799,7 +1838,7 @@ namespace VeraCrypt return; if (CmdLine->ArgHash) - RandomNumberGenerator::SetHash (CmdLine->ArgHash); + RandomNumberGenerator::SetHash (CmdLine->ArgHash->GetHash()); if (!CmdLine->ArgRandomSourcePath.IsEmpty()) { diff --git a/src/Main/TextUserInterface.h b/src/Main/TextUserInterface.h index e2e2a1a5..c75347dd 100644 --- a/src/Main/TextUserInterface.h +++ b/src/Main/TextUserInterface.h @@ -37,7 +37,7 @@ namespace VeraCrypt virtual bool AskYesNo (const wxString &message, bool defaultYes = false, bool warning = false) const; virtual void BackupVolumeHeaders (shared_ptr volumePath) const; virtual void BeginBusyState () const { } - virtual void ChangePassword (shared_ptr volumePath = shared_ptr (), shared_ptr password = shared_ptr (), int pim = 0, shared_ptr currentHash = shared_ptr (), shared_ptr keyfiles = shared_ptr (), shared_ptr newPassword = shared_ptr (), int newPim = 0, shared_ptr newKeyfiles = shared_ptr (), shared_ptr newHash = shared_ptr ()) const; + virtual void ChangePassword (shared_ptr volumePath = shared_ptr (), shared_ptr password = shared_ptr (), int pim = 0, shared_ptr currentKdf = shared_ptr (), shared_ptr keyfiles = shared_ptr (), shared_ptr newPassword = shared_ptr (), int newPim = 0, shared_ptr newKeyfiles = shared_ptr (), shared_ptr newKdf = shared_ptr ()) const; virtual void CreateKeyfile (shared_ptr keyfilePath = shared_ptr ()) const; virtual void CreateVolume (shared_ptr options) const; virtual void DeleteSecurityTokenKeyfiles () const; diff --git a/src/Main/UserInterface.cpp b/src/Main/UserInterface.cpp index 5965bb69..86056b62 100644 --- a/src/Main/UserInterface.cpp +++ b/src/Main/UserInterface.cpp @@ -1010,7 +1010,7 @@ const FileManager fileManagers[] = { cmdLine.ArgMountOptions.SharedAccessAllowed = cmdLine.ArgForce; if (cmdLine.ArgHash) { - cmdLine.ArgMountOptions.Kdf = Pkcs5Kdf::GetAlgorithm (*cmdLine.ArgHash); + cmdLine.ArgMountOptions.Kdf = cmdLine.ArgHash; } @@ -1108,8 +1108,8 @@ const FileManager fileManagers[] = { if (cmdLine.ArgHash) { - options->VolumeHeaderKdf = Pkcs5Kdf::GetAlgorithm (*cmdLine.ArgHash); - RandomNumberGenerator::SetHash (cmdLine.ArgHash); + options->VolumeHeaderKdf = cmdLine.ArgHash; + RandomNumberGenerator::SetHash (cmdLine.ArgHash->GetHash()); } options->EA = cmdLine.ArgEncryptionAlgorithm; @@ -1270,9 +1270,9 @@ const FileManager fileManagers[] = { " This option is not available on some platforms.\n" "\n" "--hash=HASH\n" - " Use specified hash algorithm when creating a new volume or changing password\n" - " and/or keyfiles. This option also specifies the mixing PRF of the random\n" - " number generator.\n" + " Use specified header key derivation algorithm when creating a new volume\n" + " or changing password and/or keyfiles. This option also specifies the\n" + " mixing hash of the random number generator.\n" "\n" "-k, --keyfiles=KEYFILE1[,KEYFILE2,KEYFILE3,...]\n" " Use specified keyfiles when mounting a volume or when changing password\n" diff --git a/src/Main/UserInterface.h b/src/Main/UserInterface.h index a41faad8..b4ad84d9 100644 --- a/src/Main/UserInterface.h +++ b/src/Main/UserInterface.h @@ -33,7 +33,7 @@ namespace VeraCrypt virtual bool AskYesNo (const wxString &message, bool defaultYes = false, bool warning = false) const = 0; virtual void BackupVolumeHeaders (shared_ptr volumePath) const = 0; virtual void BeginBusyState () const = 0; - virtual void ChangePassword (shared_ptr volumePath = shared_ptr (), shared_ptr password = shared_ptr (), int pim = 0, shared_ptr currentHash = shared_ptr (), shared_ptr keyfiles = shared_ptr (), shared_ptr newPassword = shared_ptr (), int newPim = 0, shared_ptr newKeyfiles = shared_ptr (), shared_ptr newHash = shared_ptr ()) const = 0; + virtual void ChangePassword (shared_ptr volumePath = shared_ptr (), shared_ptr password = shared_ptr (), int pim = 0, shared_ptr currentKdf = shared_ptr (), shared_ptr keyfiles = shared_ptr (), shared_ptr newPassword = shared_ptr (), int newPim = 0, shared_ptr newKeyfiles = shared_ptr (), shared_ptr newKdf = shared_ptr ()) const = 0; virtual void CheckRequirementsForMountingVolume () const; virtual void CloseExplorerWindows (shared_ptr mountedVolume) const; virtual void CreateKeyfile (shared_ptr keyfilePath = shared_ptr ()) const = 0; diff --git a/src/Mount/Mount.c b/src/Mount/Mount.c index 51139a00..f3ac489a 100644 --- a/src/Mount/Mount.c +++ b/src/Mount/Mount.c @@ -2919,6 +2919,7 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR && pwdChangeDlgMode == PCDM_CHANGE_PASSWORD) { int bootPRF = pkcs5; + int pimValidationValue = pim; if (bSysEncPwdChangeDlgMode) { try @@ -2930,7 +2931,17 @@ BOOL CALLBACK PasswordChangeDlgProc (HWND hwndDlg, UINT msg, WPARAM wParam, LPAR catch(...) {} } - if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pim, bSysEncPwdChangeDlgMode, bootPRF, FALSE, FALSE)) + else if (bootPRF == 0) + { + bootPRF = old_pkcs5; + if (bootPRF == 0) + { + /* Both current and new KDFs are autodetected. ChangePwd() repeats this + PIM/password-length validation after opening the header with the detected KDF. */ + pimValidationValue = 0; + } + } + if (!CheckPasswordLength (hwndDlg, GetWindowTextLength(GetDlgItem (hwndDlg, IDC_PASSWORD)), pimValidationValue, bSysEncPwdChangeDlgMode, bootPRF, FALSE, FALSE)) return 1; } diff --git a/src/Mount/Mount.rc b/src/Mount/Mount.rc index 2cdb313c..927ae937 100644 --- a/src/Mount/Mount.rc +++ b/src/Mount/Mount.rc @@ -172,9 +172,9 @@ BEGIN RTEXT "Wipe mode:",IDT_WIPE_MODE,9,220,74,8,0,WS_EX_RIGHT RTEXT "KDF:",IDT_KDF,12,34,74,10,SS_CENTERIMAGE RTEXT "Volume PIM:",IDT_OLD_PIM,12,54,74,10,NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_OLD_PIM_HELP,135,54,196,8,NOT WS_VISIBLE + LTEXT "(Empty or 0 for defaults)",IDC_OLD_PIM_HELP,135,54,196,8,NOT WS_VISIBLE RTEXT "Volume PIM:",IDT_PIM,9,157,75,16,NOT WS_VISIBLE - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,135,157,197,8,NOT WS_VISIBLE + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,135,157,197,8,NOT WS_VISIBLE END IDD_MOUNT_DLG DIALOGEX 0, 0, 375, 271 @@ -222,7 +222,7 @@ BEGIN CONTROL "U&se keyfiles",IDC_KEYFILES_ENABLE,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,70,87,99,11 PUSHBUTTON "&Keyfiles...",IDC_KEY_FILES,173,84,75,14 PUSHBUTTON "Mount Opti&ons...",IDC_MOUNT_OPTIONS,252,84,69,14 - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,115,46,199,8,NOT WS_VISIBLE + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,115,46,199,8,NOT WS_VISIBLE DEFPUSHBUTTON "OK",IDOK,252,8,69,14 PUSHBUTTON "Cancel",IDCANCEL,252,25,69,14 RTEXT "Password:",IDT_PASSWORD,0,10,65,13 @@ -413,7 +413,7 @@ BEGIN LTEXT "Label of selected favorite volume:",IDT_FAVORITE_LABEL,18,215,202,8 GROUPBOX "Global Settings",IDC_FAV_VOL_OPTIONS_GLOBAL_SETTINGS_BOX,7,300,366,42 EDITTEXT IDC_PIM,87,183,42,13,ES_RIGHT | ES_PASSWORD | ES_AUTOHSCROLL | ES_NUMBER - LTEXT "(Empty or 0 for default iterations)",IDC_PIM_HELP,135,186,189,8 + LTEXT "(Empty or 0 for defaults)",IDC_PIM_HELP,135,186,189,8 LTEXT "Volume PIM:",IDT_PIM,18,185,65,8 CONTROL "Display PIM",IDC_SHOW_PIM,"Button",BS_AUTOCHECKBOX | WS_TABSTOP,18,200,150,10 CONTROL "Use favorite label as Explorer drive label",IDC_FAVORITE_USE_LABEL_IN_EXPLORER, diff --git a/src/Volume/EncryptionTest.cpp b/src/Volume/EncryptionTest.cpp index 8c2f2bd6..9564807f 100644 --- a/src/Volume/EncryptionTest.cpp +++ b/src/Volume/EncryptionTest.cpp @@ -21,9 +21,47 @@ #endif #include "EncryptionTest.h" #include "Pkcs5Kdf.h" +#include "VolumeHeader.h" namespace VeraCrypt { +#if !defined (WOLFCRYPT_BACKEND) && !defined (VC_DCS_DISABLE_ARGON2) + class FailingArgon2Kdf : public Pkcs5Kdf + { + public: + FailingArgon2Kdf () : Pkcs5Kdf() { } + virtual ~FailingArgon2Kdf () { } + + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const + { + (void) key; + (void) password; + (void) pim; + (void) salt; + return 1; + } + + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + { + (void) key; + (void) password; + (void) salt; + (void) iterationCount; + return 1; + } + + virtual shared_ptr GetHash () const { return shared_ptr (new Blake2b); } + virtual int GetIterationCount (int pim) const { return 1; } + virtual wstring GetName () const { return L"Argon2"; } + virtual Pkcs5Kdf* Clone () const { return new FailingArgon2Kdf(); } + virtual bool IsArgon2 () const { return true; } + + private: + FailingArgon2Kdf (const FailingArgon2Kdf &); + FailingArgon2Kdf &operator= (const FailingArgon2Kdf &); + }; +#endif + void EncryptionTest::TestAll () { TestAll (false); @@ -1127,37 +1165,131 @@ namespace VeraCrypt #ifndef WOLFCRYPT_BACKEND Pkcs5HmacBlake2s pkcs5HmacBlake2s; - pkcs5HmacBlake2s.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacBlake2s.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\x8d\x51\xfa\x31", 4) != 0) throw TestFailed (SRC_POS); Pkcs5HmacSha512 pkcs5HmacSha512; - pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\x13\x64\xae\xf8", 4) != 0) throw TestFailed (SRC_POS); Pkcs5HmacWhirlpool pkcs5HmacWhirlpool; - pkcs5HmacWhirlpool.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacWhirlpool.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\x50\x7c\x36\x6f", 4) != 0) throw TestFailed (SRC_POS); Pkcs5HmacSha256 pkcs5HmacSha256; - pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\xf2\xa0\x4f\xb2", 4) != 0) throw TestFailed (SRC_POS); Pkcs5HmacStreebog pkcs5HmacStreebog; - pkcs5HmacStreebog.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacStreebog.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\xd0\x53\xa2\x30", 4) != 0) throw TestFailed (SRC_POS); + + #ifndef VC_DCS_DISABLE_ARGON2 + Pkcs5Argon2 pkcs5Argon2; + static const uint8 argon2SaltData[] = { 's', 'o', 'm', 'e', 's', 'a', 'l', 't' }; + static const uint8 argon2Pim1DerivedKey[] = + { + 0x9e, 0x87, 0x89, 0xc8, 0xb4, 0x28, 0x34, 0x22, + 0x0a, 0xfc, 0x00, 0x08, 0x5a, 0xc7, 0x3a, 0xcc, + 0x30, 0x86, 0x51, 0x21, 0x69, 0x94, 0xab, 0xbf, + 0xdd, 0xd6, 0x9b, 0x25, 0x92, 0x03, 0x2e, 0xfd + }; + ConstBufferPtr argon2Salt (argon2SaltData, sizeof (argon2SaltData)); + Buffer argon2DerivedKey (sizeof (argon2Pim1DerivedKey)); + + // PIM 1 maps to Argon2id t=3, m=64 MiB, p=1. + if (pkcs5Argon2.DeriveKey (argon2DerivedKey, password, 1, argon2Salt) != 0) + throw TestFailed (SRC_POS); + if (memcmp (argon2DerivedKey.Ptr(), argon2Pim1DerivedKey, sizeof (argon2Pim1DerivedKey)) != 0) + throw TestFailed (SRC_POS); + + try + { + if (pkcs5Argon2.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); + throw TestFailed (SRC_POS); + } + catch (ParameterIncorrect&) + { + } + + shared_ptr sha512Kdf (new Pkcs5HmacSha512); + shared_ptr failingArgon2Kdf (new FailingArgon2Kdf); + shared_ptr ea (new AES); + SecureBuffer headerBuffer (TC_VOLUME_HEADER_SIZE); + SecureBuffer dataKey (ea->GetKeySize() * 2); + SecureBuffer headerSalt (VolumeHeader::GetSaltSize()); + SecureBuffer headerKey (VolumeHeader::GetLargestSerializedKeySize()); + + for (size_t i = 0; i < dataKey.Size(); ++i) + dataKey.Ptr()[i] = (uint8) (i + 1); + + for (size_t i = 0; i < headerSalt.Size(); ++i) + headerSalt.Ptr()[i] = (uint8) (i + 2); + + if (sha512Kdf->DeriveKey (headerKey, password, 1, headerSalt) != 0) + throw TestFailed (SRC_POS); + + VolumeHeaderCreationOptions options; + options.DataKey = dataKey; + options.EA = ea; + options.Kdf = sha512Kdf; + options.HeaderKey = headerKey; + options.Salt = headerSalt; + options.SectorSize = TC_SECTOR_SIZE_FILE_HOSTED_VOLUME; + options.VolumeDataStart = TC_VOLUME_HEADER_GROUP_SIZE; + options.VolumeDataSize = TC_MIN_VOLUME_SIZE; + options.Type = VolumeType::Normal; + + VolumeHeader header (TC_VOLUME_HEADER_SIZE); + header.Create (headerBuffer, options); + + Pkcs5KdfList kdfs; + kdfs.push_back (failingArgon2Kdf); + kdfs.push_back (sha512Kdf); + + EncryptionAlgorithmList encryptionAlgorithms; + encryptionAlgorithms.push_back (shared_ptr (new AES)); + + EncryptionModeList encryptionModes; + encryptionModes.push_back (shared_ptr (new EncryptionModeXTS)); + + VolumeHeader decryptedHeader (TC_VOLUME_HEADER_SIZE); + if (!decryptedHeader.Decrypt (headerBuffer, password, 1, shared_ptr (), kdfs, encryptionAlgorithms, encryptionModes) + || decryptedHeader.GetPkcs5Kdf()->GetName() != sha512Kdf->GetName()) + { + throw TestFailed (SRC_POS); + } + + try + { + decryptedHeader.Decrypt (headerBuffer, password, 1, failingArgon2Kdf, kdfs, encryptionAlgorithms, encryptionModes); + throw TestFailed (SRC_POS); + } + catch (ExternalException&) + { + } + #endif #else Pkcs5HmacSha256 pkcs5HmacSha256; - pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacSha256.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\x64\xf3\xa5\xa3", 4) != 0) throw TestFailed (SRC_POS); Pkcs5HmacSha512 pkcs5HmacSha512; - pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5); + if (pkcs5HmacSha512.DeriveKey (derivedKey, password, salt, 5) != 0) + throw TestFailed (SRC_POS); if (memcmp (derivedKey.Ptr(), "\x55\xa1\x76\xbb", 4) != 0) throw TestFailed (SRC_POS); #endif diff --git a/src/Volume/Pkcs5Kdf.cpp b/src/Volume/Pkcs5Kdf.cpp index bb11d749..fc16660d 100644 --- a/src/Volume/Pkcs5Kdf.cpp +++ b/src/Volume/Pkcs5Kdf.cpp @@ -11,8 +11,12 @@ */ #include "Common/Pkcs5.h" +#include "Platform/StringConverter.h" #include "Pkcs5Kdf.h" #include "VolumePassword.h" +#if !defined (WOLFCRYPT_BACKEND) && !defined (VC_DCS_DISABLE_ARGON2) +#include "argon2.h" +#endif namespace VeraCrypt { @@ -24,16 +28,22 @@ namespace VeraCrypt { } - void Pkcs5Kdf::DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const + int Pkcs5Kdf::DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const { - DeriveKey (key, password, salt, GetIterationCount(pim)); + return DeriveKey (key, password, salt, GetIterationCount(pim)); + } + + wstring Pkcs5Kdf::GetDerivationFailureMessage (int result) const + { + (void) result; + return L"Key derivation failed"; } shared_ptr Pkcs5Kdf::GetAlgorithm (const wstring &name) { foreach (shared_ptr kdf, GetAvailableAlgorithms()) { - if (kdf->GetName() == name) + if (kdf->GetName() == name || (kdf->IsArgon2() && name == L"Argon2id")) return kdf; } throw ParameterIncorrect (SRC_POS); @@ -43,6 +53,9 @@ namespace VeraCrypt { foreach (shared_ptr kdf, GetAvailableAlgorithms()) { + if (kdf->IsArgon2()) + continue; + if (typeid (*kdf->GetHash()) == typeid (hash)) return kdf; } @@ -60,6 +73,9 @@ namespace VeraCrypt l.push_back (shared_ptr (new Pkcs5HmacBlake2s ())); l.push_back (shared_ptr (new Pkcs5HmacWhirlpool ())); l.push_back (shared_ptr (new Pkcs5HmacStreebog ())); + #ifndef VC_DCS_DISABLE_ARGON2 + l.push_back (shared_ptr (new Pkcs5Argon2 ())); + #endif #endif return l; } @@ -71,54 +87,96 @@ namespace VeraCrypt } #ifndef WOLFCRYPT_BACKEND - void Pkcs5HmacBlake2s_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacBlake2s_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_blake2s (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } - void Pkcs5HmacBlake2s::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacBlake2s::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_blake2s (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } #endif - void Pkcs5HmacSha256_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacSha256_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_sha256 (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } - void Pkcs5HmacSha256::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacSha256::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_sha256 (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } - void Pkcs5HmacSha512::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacSha512::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_sha512 (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } #ifndef WOLFCRYPT_BACKEND - void Pkcs5HmacWhirlpool::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacWhirlpool::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_whirlpool (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } - void Pkcs5HmacStreebog::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacStreebog::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_streebog (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } + + #ifndef VC_DCS_DISABLE_ARGON2 + int Pkcs5Argon2::DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const + { + int iterationCount; + int memoryCost; + get_argon2_params (pim, &iterationCount, &memoryCost); + + ValidateParameters (key, password, salt, iterationCount); + return derive_key_argon2 (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, memoryCost, key.Get(), (int) key.Size(), NULL); + } + + int Pkcs5Argon2::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + { + (void) key; + (void) password; + (void) salt; + (void) iterationCount; + throw ParameterIncorrect (SRC_POS); + } + + wstring Pkcs5Argon2::GetDerivationFailureMessage (int result) const + { + return L"Argon2 key derivation failed: " + StringConverter::ToWide (argon2_error_message (result)); + } + + int Pkcs5Argon2::GetIterationCount (int pim) const + { + int iterationCount; + int memoryCost; + get_argon2_params (pim, &iterationCount, &memoryCost); + return iterationCount; + } + #endif - void Pkcs5HmacStreebog_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const + int Pkcs5HmacStreebog_Boot::DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const { ValidateParameters (key, password, salt, iterationCount); derive_key_streebog (password.DataPtr(), (int) password.Size(), salt.Get(), (int) salt.Size(), iterationCount, key.Get(), (int) key.Size(), NULL); + return 0; } #endif } diff --git a/src/Volume/Pkcs5Kdf.h b/src/Volume/Pkcs5Kdf.h index b87d700e..30af3753 100644 --- a/src/Volume/Pkcs5Kdf.h +++ b/src/Volume/Pkcs5Kdf.h @@ -27,15 +27,22 @@ namespace VeraCrypt public: virtual ~Pkcs5Kdf (); - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const; - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const = 0; static shared_ptr GetAlgorithm (const wstring &name); static shared_ptr GetAlgorithm (const Hash &hash); static Pkcs5KdfList GetAvailableAlgorithms (); virtual shared_ptr GetHash () const = 0; + virtual wstring GetDerivationFailureMessage (int result) const; + virtual int GetDefaultPim () const { return 485; } + virtual const char *GetPimHelpMessageId () const { return "PIM_HELP"; } + virtual const char *GetPimLargeWarningMessageId () const { return "PIM_LARGE_WARNING"; } + virtual const char *GetPimSmallWarningMessageId () const { return "PIM_SMALL_WARNING"; } + virtual const char *GetPimRequireLongPasswordMessageId () const { return "PIM_REQUIRE_LONG_PASSWORD"; } virtual int GetIterationCount (int pim) const = 0; virtual wstring GetName () const = 0; virtual Pkcs5Kdf* Clone () const = 0; + virtual bool IsArgon2 () const { return false; } virtual bool IsDeprecated () const { return GetHash()->IsDeprecated(); } protected: @@ -55,8 +62,9 @@ namespace VeraCrypt Pkcs5HmacBlake2s_Boot () : Pkcs5Kdf() { } virtual ~Pkcs5HmacBlake2s_Boot () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Blake2s); } + virtual int GetDefaultPim () const { return 98; } virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : (pim * 2048); } virtual wstring GetName () const { return L"HMAC-BLAKE2s-256"; } virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacBlake2s_Boot(); } @@ -72,7 +80,7 @@ namespace VeraCrypt Pkcs5HmacBlake2s () : Pkcs5Kdf() { } virtual ~Pkcs5HmacBlake2s () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Blake2s); } virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); } virtual wstring GetName () const { return L"HMAC-BLAKE2s-256"; } @@ -90,8 +98,9 @@ namespace VeraCrypt Pkcs5HmacSha256_Boot () : Pkcs5Kdf() { } virtual ~Pkcs5HmacSha256_Boot () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Sha256); } + virtual int GetDefaultPim () const { return 98; } virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : (pim * 2048); } virtual wstring GetName () const { return L"HMAC-SHA-256"; } virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacSha256_Boot(); } @@ -107,7 +116,7 @@ namespace VeraCrypt Pkcs5HmacSha256 () : Pkcs5Kdf() { } virtual ~Pkcs5HmacSha256 () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Sha256); } virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); } virtual wstring GetName () const { return L"HMAC-SHA-256"; } @@ -124,7 +133,7 @@ namespace VeraCrypt Pkcs5HmacSha512 () : Pkcs5Kdf() { } virtual ~Pkcs5HmacSha512 () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Sha512); } virtual int GetIterationCount (int pim) const { return (pim <= 0 ? 500000 : (15000 + (pim * 1000))); } virtual wstring GetName () const { return L"HMAC-SHA-512"; } @@ -141,7 +150,7 @@ namespace VeraCrypt Pkcs5HmacWhirlpool () : Pkcs5Kdf() { } virtual ~Pkcs5HmacWhirlpool () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Whirlpool); } virtual int GetIterationCount (int pim) const { return (pim <= 0 ? 500000 : (15000 + (pim * 1000))); } virtual wstring GetName () const { return L"HMAC-Whirlpool"; } @@ -158,7 +167,7 @@ namespace VeraCrypt Pkcs5HmacStreebog () : Pkcs5Kdf() { } virtual ~Pkcs5HmacStreebog () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Streebog); } virtual int GetIterationCount (int pim) const { return pim <= 0 ? 500000 : (15000 + (pim * 1000)); } virtual wstring GetName () const { return L"HMAC-Streebog"; } @@ -168,6 +177,33 @@ namespace VeraCrypt Pkcs5HmacStreebog (const Pkcs5HmacStreebog &); Pkcs5HmacStreebog &operator= (const Pkcs5HmacStreebog &); }; + + #ifndef VC_DCS_DISABLE_ARGON2 + class Pkcs5Argon2 : public Pkcs5Kdf + { + public: + Pkcs5Argon2 () : Pkcs5Kdf() { } + virtual ~Pkcs5Argon2 () { } + + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, int pim, const ConstBufferPtr &salt) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual wstring GetDerivationFailureMessage (int result) const; + virtual shared_ptr GetHash () const { return shared_ptr (new Blake2b); } + virtual int GetDefaultPim () const { return 12; } + virtual const char *GetPimHelpMessageId () const { return "PIM_ARGON2_HELP"; } + virtual const char *GetPimLargeWarningMessageId () const { return "PIM_ARGON2_LARGE_WARNING"; } + virtual const char *GetPimSmallWarningMessageId () const { return "PIM_ARGON2_SMALL_WARNING"; } + virtual const char *GetPimRequireLongPasswordMessageId () const { return "PIM_ARGON2_REQUIRE_LONG_PASSWORD"; } + virtual int GetIterationCount (int pim) const; + virtual wstring GetName () const { return L"Argon2"; } + virtual Pkcs5Kdf* Clone () const { return new Pkcs5Argon2(); } + virtual bool IsArgon2 () const { return true; } + + private: + Pkcs5Argon2 (const Pkcs5Argon2 &); + Pkcs5Argon2 &operator= (const Pkcs5Argon2 &); + }; + #endif class Pkcs5HmacStreebog_Boot : public Pkcs5Kdf { @@ -175,8 +211,9 @@ namespace VeraCrypt Pkcs5HmacStreebog_Boot () : Pkcs5Kdf() { } virtual ~Pkcs5HmacStreebog_Boot () { } - virtual void DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; + virtual int DeriveKey (const BufferPtr &key, const VolumePassword &password, const ConstBufferPtr &salt, int iterationCount) const; virtual shared_ptr GetHash () const { return shared_ptr (new Streebog); } + virtual int GetDefaultPim () const { return 98; } virtual int GetIterationCount (int pim) const { return pim <= 0 ? 200000 : pim * 2048; } virtual wstring GetName () const { return L"HMAC-Streebog"; } virtual Pkcs5Kdf* Clone () const { return new Pkcs5HmacStreebog_Boot(); } diff --git a/src/Volume/VolumeHeader.cpp b/src/Volume/VolumeHeader.cpp index 846eaa75..6c6f422d 100644 --- a/src/Volume/VolumeHeader.cpp +++ b/src/Volume/VolumeHeader.cpp @@ -107,7 +107,14 @@ namespace VeraCrypt if (kdf && (kdf->GetName() != pkcs5->GetName())) continue; - pkcs5->DeriveKey (headerKey, password, pim, salt); + int derivationResult = pkcs5->DeriveKey (headerKey, password, pim, salt); + if (derivationResult != 0) + { + if (!kdf) + continue; + + throw ExternalException (SRC_POS, pkcs5->GetDerivationFailureMessage (derivationResult)); + } foreach (shared_ptr mode, encryptionModes) { diff --git a/src/Volume/VolumePassword.cpp b/src/Volume/VolumePassword.cpp index 8189338b..96378f5e 100644 --- a/src/Volume/VolumePassword.cpp +++ b/src/Volume/VolumePassword.cpp @@ -18,6 +18,7 @@ namespace VeraCrypt { const size_t VolumePassword::MaxLegacySize = 64; const size_t VolumePassword::MaxSize = 128; + const size_t VolumePassword::SmallPimPasswordSizeThreshold = 20; const size_t VolumePassword::WarningSizeThreshold = 12; VolumePassword::VolumePassword () : PasswordSize (0) diff --git a/src/Volume/VolumePassword.h b/src/Volume/VolumePassword.h index 684d86f1..8c871384 100644 --- a/src/Volume/VolumePassword.h +++ b/src/Volume/VolumePassword.h @@ -43,6 +43,7 @@ namespace VeraCrypt static const size_t MaxLegacySize; static const size_t MaxSize; + static const size_t SmallPimPasswordSizeThreshold; static const size_t WarningSizeThreshold; protected: