Von der Verschlüsselungs-Software VeraCrypt (https://www.veracrypt.fr/en/Downloads.html) ist nach fast exakt einem Jahr mal wieder eine neue stabile Version (1.24) freigegeben worden. Changelog (https://www.veracrypt.fr/en/Release%20Notes.html)-Auszug:

Increase password maximum length to 128 bytes in UTF-8 encoding for non-system volumes.
Use Hardware RNG based on CPU timing jitter "Jitterentropy" by Stephan Mueller as a good alternative to CPU RDRAND (http://www.chronox.de/jent.html)
Speed optimization of XTS mode on 64-bit machine using SSE2 (up to 10% faster).
Fix detection of CPU features AVX2/BMI2. Add detection of RDRAND/RDSEED CPU features. Detect Hygon CPU as AMD one.
Windows: Implement RAM encryption for keys and passwords using ChaCha12 cipher, t1ha non-cryptographic fast hash and ChaCha20 based CSPRNG.
Windows: Several enhancements and fixes for EFI bootloader

Sehr gut zu sehen, dass an dieser Stelle weiterentwickelt wurde, denn ich habe Veracrypt an mehreren Stellen im Einsatz.

Mich hats diesmal amüsiert. Nachdem ich ihn gefragt hab (voller Bewunderung...) wie es möglich ist, daß EIN Mann sowas dermassen voranpeitscht, dauerte der nächste Update Monate :biggrin:

VeraCrypt V1.24-Hotfix1 (https://www.veracrypt.fr/en/Downloads.html)


Windows:
Fix 1.24 regression that caused system favorites not to mount at boot if VeraCrypt freshly installed.
Fix failure to encrypt system if the current Windows username contains a Unicode non-ASCII character.
Make VeraCrypt Expander able to resume expansion of volumes whose previous expansion was aborted before it finishes.
Add "Quick Expand" option to VeraCrypt Expander to accelarate the expansion of large file containers.
Add several robustness checks and validation in case of system encryption to better handle some corner cases.
Minor UI and documentation changes.

Linux:
Workaround gcc 4.4.7 bug under CentOS 6 that caused VeraCrypt built under CentOS 6 to crash when Whirlpool hash is used.
Fix "incorrect password attempt" written to /var/log/auth.log when mounting volumes.
Fix dropping file in UI not showing its correct path , specifically under GTK-3.
Add missing JitterEntropy implementation/

MacOSX:
Fix some devices and partitions not showing in the device selection dialog under OSX 10.13 and newer.
Fix keyboard tab navigation between password fields in "Volume Password" page of volume creation wizard.
Add missing JitterEntropy implementation/
Support APFS filesystem for creation volumes.
Support Dark Mode.

VeraCrypt V1.24-Update2 (https://www.veracrypt.fr/en/Downloads.html) erschienen. Changelog-Auszug:

Clear AES key from stack memory when using non-optimized implementation. Doesn't apply to VeraCrypt official build (Reported and fixed by Hanno Böck)
Update Jitterentropy RNG Library to version 2.2.0
Start following IEEE 1541 agreed naming of bytes (KiB, MiB, GiB, TiB, PiB).
Various documentation enhancements.
Windows: Fix possible local privilege escalation vulnerability during execution of VeraCrypt Expander (CVE-2019-19501)

Version 1.24-Update4 (https://www.veracrypt.fr/en/Downloads.html)


Windows:
Fix regression in Expander and Format when RAM encryption is enable that was causing volume headers to be corrupted.
Fix failure of Screen Readers (Accessibility support) to read UI by disabling newly introduced memory protection by default and adding a CLI switch (/protectMemory) to enable it when needed.
Fix side effects related to the fix for CVE-2019-19501 which caused links in UI not to open.
Add switch /signalExit to support notifying WAITFOR Windows command when VeraCrypt.exe exits if /q was specified in CLI (cf documentation for usage).
Don't display mount/dismount examples in help dialog for command line in Format and Expander.
Documentation and translation updates.

Linux:
Fix regression that limited the size available for hidden volumes created on disk or partition.

MacOSX:
Fix regression that limited the size available for hidden volumes created on disk or partition.

Was ist da plötzlich anders?
Ich schau mir nach einem Update immer 1x den Bench an. Das war jetzt seit etlichen Versionen quasi konstant gleich.

AES 4.1/4.2 und 4.1/4.2 GB/s, Camellia konstant 1.6/1.6 GB/s.

Camellia bleibt auch jetzt gleich schnell. AES schwankt jetzt aber beim Entschlüsseln zwischen 4.3 und 3.8, beim Verschlüsseln zwischen 4.0 und 3.5 (!)

Bei 50MB. Bei 100MB ändert Camellia sich immernoch nicht, AES lag grad aber bei 2.3 (!) GB/s. Dann wieder bei 4.0 GB/s.

Bin wieder bei Update2. Weil, eben keine Ahnung was da passiert...

Version 1.24-Update6 (https://www.veracrypt.fr/en/Downloads.html) (wobei es kurz zuvor auch ein Update5 gab):

1.24-Update6 (March 10th, 2020):

Windows:
Fix PIM label text truncation in password dialog
Fix wrong language used in installer if user selects a language other than English and then selects English before clicking OK on language selection dialog.

1.24-Update5 (March 9th, 2020):

Windows:
Optimize performance for CPUs that have more than 64 logical processors (contributed by Sachin Keswani from AMD)
Support specifying keyfiles (both in tokens and in filesystem) when creating file containers using command line (switches /keyfile, /tokenlib and /tokenpin supported in VeraCrypt Format)
Fix leak of keyfiles path and name after VeraCrypt process exits.
Add CLI switch /secureDesktop to VeraCrypt Format.
Update libzip to version 1.6.1
Minor UI fixes

VeraCrypt V1.24-Update7 (https://www.veracrypt.fr/en/Release%20Notes.html):


All OSes:

Don't allow Hidden volume to have the same password, PIM and keyfiles as Outer volume
Fix random crash in 32-bit builds when using Streebog.
Enable FIPS mode in JitterEntropy random generator.
Update Beginner's Tutorial in documentation to use "MyVolume.hc" instead of "My Volume" for file container name in order to avoid confusion about nature of file nature.
Minor code cleanup

Windows:

Fix wrong results in benchmark of encryption algorithms when RAM encryption is enabled
Fix issue when RAM encryption used, AES selected and AES-NI not supported by CPU that caused the free space of newly created volumes not filled with random data even if "quick format" is not selected.
Fix UI for blocking TRIM in system encryption not working in MBR boot mode.
Support password drag-n-drop from external applications (e.g. KeePass) to password UI fields which is more secure than using clipboard.
Implements compatibility with Windows 10 Modern Standby and Windows 8.1 Connected Standby power model. This makes detection of entring power saving mode more reliable.
Avoid displaying waiting dialog when /silent specified for "VeraCrypt Format" during creating of file container using /create switch and a filesystem other than FAT.
Use native Windows format program to perform formatting of volume since it is more reliable and only fallback to FormatEx function from fmifs.dll in case of issue.
Don't use API for Processor Groups support if there is only 1 CPU group in the system. This can fix slowness issue observed on some PCs with AMD CPUs.
Don't allow to encrypt the system drive if it is already encrypted by BitLocker.
Implement detection of Hibernate and Fast Startup and disable them if RAM encryption is activated.
Warn about Fast Startup if it is enabled during VeraCrypt installation/upgrade, when starting system encryption or when creating a volume, and propose to disable it.
Add UI options to control the behavior of automatic bootloader fixing when System Encryption used.
Don't allow a directory path to be entered for the file container to be created in Format wizard.
Don't try to use fix for CVE-2019-19501 if Windows Shell has been modified or is not running since there is no reliable way to fix it in such non standard configuation.
MBR bootloader: fix incorrect compressed data size passed to decompressor in boot sector.
Add warning message when typed password reaches maximum length during the system encryption wizard.
Fix wrong error message when UTF-8 encoding of entered password exceeds the maximum supported length.
Fix crash when using portable 32-bit "VeraCrypt Format.exe" to create hidden volume on a 64-bit machine where VeraCrypt is already installed.
Update libzip to latest version 1.7.3.
Update translations.

Linux/MacOSX:

Force reading of at least 32 bytes from /dev/random before allowing it to fail gracefully
Allow choosing a filesystem other than FAT for Outer volume but display warning about risks of such choice. Implement an estimation of maximum possible size of hidden volume in this case.
Erase sensitive memory explicitly instead of relying on the compiler not optimizing calls to method Memory::Erase.
Add support for Btrfs filesystem when creating volumes (Linux Only).
Update wxWidgets for static builds to version 3.0.5.

Danke für die news