开源磁盘加密软件 VeraCrypt + x64 中文多语特别版是一款适用于 Windows,Mac OSX 和 Linux 的免费开源磁盘加密软件。VeraCrypt 是 TrueCrypt 的分支,主要开发者是法国的 Mounir Idrassi,他在 TrueCrypt 基础上强化了防暴力免费功能。VeraCrypt 增强了用于系统和分区加密的算法的安全性,使其免受暴力免费攻击。VeraCrypt 还解决了TrueCrypt中发现的许多漏洞和安全问题。

VeraCrypt 主要特点:

在文件中创建虚拟加密磁盘并将其作为实际磁盘安装。
加密整个分区或存储设备,如 USB 闪存驱动器或硬盘驱动器。
加密安装 Windows 的分区或驱动器(预启动身份验证)。
加密是自动的,实时的(即时)和透明的。
并行化和流水线操作允许读取和写入数据,就像驱动器未加密一样快。
加密可以在现代处理器上进行硬件加速。
如果对手强迫您泄露密码,则提供合理的拒绝:隐藏卷(隐写)和隐藏的操作系统。

VeraCrypt 是一个用于建立和维护动态加密卷(数据存储设备)的软件。即时加密意味着数据在保存之前就会自动加密,并在加载后立即解密,无需任何用户干预。如果不使用正确的密码/密钥文件或正确的加密密钥,则无法读取(解密)存储在加密卷上的数据。整个文件系统被加密(例如,文件名,文件夹名,每个文件的内容,空闲空间,元数据等)。

可以将文件复制到已安装的 VeraCrypt 卷中,也可以将其复制到任何普通磁盘上(例如,通过简单的拖放操作)。在从加密的 VeraCrypt 卷读取或复制文件时,文件会在运行中(在内存/RAM 中)自动解密。同样,正在写入或复制到 VeraCrypt 卷的文件会在 RAM 中自动加密(在它们写入磁盘之前)。请注意,这并不意味着要加密/解密的整个文件必须先存储在RAM中才能加密/解密。VeraCrypt 没有额外的内存(RAM)要求。有关如何完成此操作的说明,请参阅以下段落。

假设有一个 .avi 视频文件存储在 VeraCrypt 卷上(因此,视频文件是完全加密的)。用户提供正确的密码(和/或密钥文件)并安装(打开)VeraCrypt 卷。当用户双击视频文件的图标时,操作系统启动与文件类型相关联的应用程序 – 通常是媒体播放器。然后,媒体播放器开始将视频文件的一小部分初始部分从 VeraCrypt 加密卷加载到 RAM(存储器)以便播放它。在加载该部分时,VeraCrypt 会自动解密它(在 RAM 中)。然后,媒体播放器播放视频的解密部分(存储在 RAM 中)。在播放此部分时,媒体播放器开始将另一小部分视频文件从 VeraCrypt 加密卷加载到 RAM(内存),然后重复该过程。此过程称为动态加密/解密,适用于所有文件类型(不仅适用于视频文件)。

请注意,VeraCrypt 从不将任何解密数据保存到磁盘 – 它只将它们临时存储在 RAM(内存)中。即使安装了卷,存储在卷中的数据仍然是加密的。当您重新启动Windows或关闭计算机时,将卸除卷,并且将无法访问(并加密)存储在其中的文件。即使电源突然中断(没有正确的系统关闭),存储在卷中的文件也是不可访问(和加密)的。要使它们再次可访问,您必须装入卷(并提供正确的密码和/或密钥文件)。

有关 VeraCrypt 功能的更多信息,请参阅文档。

官方主页

VeraCrypt 1.24 更新日志
All OSes:
clear AES key from stack memory when using non-optimized implementation. Doesn’t apply to VeraCrypt official build (Reported and fixed by Hanno B?ck)
Update Jitterentropy RNG Library to version 2.2.0
Start following IEEE 1541 agreed naming of bytes (KiB, MiB, GiB, TiB, PiB).
Various documentation enhancements.
Windows:
Fix possible local privilege escalation vulnerability during execution of VeraCrypt Expander (CVE-2019-19501)
MBR bootloader:
workaround for SSD disks that don’t allow write operations in BIOS mode with buffers less than 4096 bytes.
Don’t restore MBR to VeraCrypt value if it is coming from a loader different from us or different from Microsoft one.
EFI bootloader:
Fix “ActionFailed” not working and add “ActionCancelled” to customize handling of user hitting ESC on password prompt
Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory.
Fix multi-OS boot compatibility by only setting VeraCrypt as first bootloader of the system if the current first bootloader is Windows one.
Add new registry flags for SystemFavoritesService to control updating of EFI BIOS boot menu on shutdown.
Allow system encrypted drive to be mounted in WindowsPE even if changing keyboard layout fails (reported and fixed by Sven Strickroth)
Enhancements to the mechanism preserving file timestamps, especially for keyfiles.
Fix RDRAND instruction not detected on AMD CPUs.
Detect cases where RDRAND is flawed (e.g. AMD Ryzen) to avoid using it if enabled by user.
Don’t write extra 0x00 byte at the end of DcsProp file when modifying it through UI
Reduce memory usage of IOCTL_DISK_VERIFY handler used in disk verification by Windows.
Add switch /FastCreateFile for VeraCrypt Format.exe to speedup creation of large file container if quick format is selected.
Fix the checkbox for skipping verification of Rescue Disk not reflecting the value of /noisocheck switch specified in VeraCrypt Format command line.
check “TrueCrypt Mode” in password dialog when mounting a file container with .tc extension
Update XML languages files.
Linux:
Fix regression causing admin password to be requested too many times in some cases
Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno B?ck)
Make sure password gets deleted in case of internal error when mounting volume (Reported and fixed by Hanno B?ck)
Fix passwords using Unicode characters not recognized in text mode.
Fix failure to run VeraCrypt binary built for console mode on headless machines.
Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
Add CLI switch (–use-dummy-sudo-password) to force use of old sudo behavior of sending a dummy password
During uninstall, output error message to STDERR instead of STDOUT for better compatibility with package managers.
Make sector size mismatch error when mounting disks more verbose.
Speedup SHA256 in 64-bit mode by using assembly code.
MacOSX:
Add switch to force the use of legacy maximum password length (64 UTF8 bytes)
Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno B?ck)
Fix passwords using Unicode characters not recognized in text mode.
Make sector size mismatch error when mounting disks more verbose.
Speedup SHA256 in 64-bit mode by using assembly code.
Link against latest wxWidgets version 3.1.3

https://www.veracrypt.fr/en/Release%20Notes.html

https://www.veracrypt.fr/en/Release%20Notes.html

Note to publishers: If you intend to host our files on your server, please instead consider linking to this page. It will help us prevent spreading of obsolete versions, which we believe is critical when security software is concerned. Thank you.

Supported versions of operating systems

PGP Public Key: https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc (ID=0x680D16DE, Fingerprint=5069A233D55A0EEB174A5FC3821ACD02680D16DE)

Latest Stable Release
For macOS 10.7 and later: 1.24-Update8 (Saturday November 28, 2020)
For the other operating systems: 1.24-Update7 (Friday August 7, 2020)

声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。