Manual VeraCrypt 1.16 (page 146 of 162) (English)

658731

146

Zoom out

Zoom in

1/162

142

Generated Values

The content of the RNG pool is never directly exported (even when VeraCrypt instructs the RNG to

generate and export a value). Thus, even if the attacker obtains a value generated by the RNG, it is

infeasible for him to determine or predict (using the obtained value) any other values generated by

the RNG during the session (it is infeasible to determine the content of the pool from a value

generated by the RNG).

The RNG ensures this by performing the following steps whenever VeraCrypt instructs it to

generate and export a value:

1. Data obtained from the sources listed above is added to the pool as described above.

2. The requested number of bytes is copied from the pool to the output buffer (the copying

starts from the position of the pool cursor; when the end of the pool is reached, the copying

continues from the beginning of the pool; if the requested number of bytes is greater than the

size of the pool, no value is generated and an error is returned).

3. The state of each bit in the pool is inverted (i.e., 0 is changed to 1, and 1 is changed to 0).

4. Data obtained from some of the sources listed above is added to the pool as described above.

5. The content of the pool is transformed using the pool mixing function. Note: The function

uses a cryptographically secure one-way hash function selected by the user (for more

information, see the section Pool Mixing Function above).

6. The transformed content of the pool is XORed into the output buffer as follows:

a. The output buffer write cursor is set to 0 (the first byte of the buffer).

b. The byte at the position of the pool cursor is read from the pool and XORed into the

byte in the output buffer at the position of the output buffer write cursor.

c. The pool cursor position is advanced by one byte. If the end of the pool is reached,

the cursor position is set to 0 (the first byte of the pool).

d. The position of the output buffer write cursor is advanced by one byte.

e. Steps b–d are repeated for each remaining byte of the output buffer (whose length is

equal to the requested number of bytes).

7. The content of the output buffer, which is the final value generated by the RNG, is exported.

Design Origins

The design and implementation of the random number generator are based on the following works:

 Software Generation of Practically Strong Random Numbers by Peter Gutmann [10]

 Cryptographic Random Numbers by Carl Ellison [11]

Report abuse

Libble takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Product:

Forumrules

To achieve meaningful questions, we apply the following rules:

First, read the manual;
Check if your question has been asked previously;
Try to ask your question as clearly as possible;
Did you already try to solve the problem? Please mention this;
Is your problem solved by a visitor then let him/her know in this forum;
To give a response to a question or answer, do not use this form but click on the button 'reply to this question';
Your question will be posted here and emailed to our subscribers. Therefore, avoid filling in personal details.

new questions and answers
new manuals

You will receive an email to register for one or both of the options.

Get your user manual by e-mail

Enter your email address to receive the manual of VeraCrypt 1.16 in the language / languages: English as an attachment in your email.

The manual is 2,98 mb in size.

You will receive the manual in your email within minutes. If you have not received an email, then probably have entered the wrong email address or your mailbox is too full. In addition, it may be that your ISP may have a maximum size for emails to receive.

The manual is sent by email. Check your email

If you have not received an email with the manual within fifteen minutes, it may be that you have a entered a wrong email address or that your ISP has set a maximum size to receive email that is smaller than the size of the manual.

The email address you have provided is not correct.

Please check the email address and correct it.

Your question is posted on this page

Would you like to receive an email when new answers and questions are posted? Please enter your email address.

Info

VeraCrypt 1.16 Manual

Product: