Veracrypt running for long time

red-pepper-pesto · April 30, 2024, 7:29pm

I am trying to decrypt a 1GB partition in external drive encrypted using veracrypt. I think there might be some problems. I first ran with an incorrect password, I did not get any response that the password is wrong but the decryption process was running for more than 10 mins. I realized I entered wrong password, cancelled the process and started a new process with correct password and its running for more than 10 mins now.

I installed veracrypt on debian 12 minimal. I am using the veracrypt 1.26.7 command line tool.

Shouldn’t veracrypt complain that I am using wrong password when I use one? The process keeps running whatever password I enter.
Is there any way to check validity of my password without having to decrypt the partition.
I am assuming that it should not take more than 10 mins to decrypt 1GB of partition. What are the factors impacting the decryption speed?

(Edit) 4. The qube has 4 cores but the veracrypt process is using only one core. I could see that the CPU consumption is 25%. Is there any way to force veracrypt to use more cores? Would it speedup the process?

apparatus · April 30, 2024, 7:44pm

It depends on how did you encrypt the drive.
You could configure key derivation function to be such that it’d take an hour to decrypt the partition.
It’s used against brute-force attacks:
Key derivation function - Wikipedia

red-pepper-pesto · April 30, 2024, 7:47pm

@apparatus Thank you for the response. Is there any way for me to know if the password is correct. I used two different passwords and both times, the process was running for a long time without any feedback.

apparatus · April 30, 2024, 7:51pm

There is no way to check if the password is correct except for decrypting the drive.

Did you successfully decrypt your veracrypt drive before? In your Qubes OS or in another system? How much time did it take?

red-pepper-pesto · April 30, 2024, 7:55pm

@apparatus I created the partition few months ago. I don’t remember decrypting it.

apparatus · April 30, 2024, 7:57pm

It seems that only one core is fully loaded,
Can you check the process that is consuming the CPU using top in qube’s terminal? Maybe it’s not veracrypt?
Based on this the veracrypt should support parallelization by default:
VeraCrypt - Free Open source disk encryption with strong security for the Paranoid
So I don’t know what’s happening. Maybe it’s stuck somewhere due to a bug.

red-pepper-pesto · April 30, 2024, 8:01pm

I did use top. it shows 99% for veracrypt which is one processor. The overall CPU consumption is 25% (1 out of 4).

    PID USER      PR  NI    VIRT    RES    SHR S  %CPU  %MEM     TIME+ COMMAND                                                                               
    787 root      20   0   13212   5008   4352 R  99.7   0.1  49:30.84 veracrypt

apparatus · April 30, 2024, 8:10pm

I guess you can try to specify all the encryption options so it won’t try to find the correct ones itself:

You cannot tell which hash algorithm was used for key derivation. Even VeraCrypt itself does not know. When you type in a password, VeraCrypt performs key derivation with every possible hash function that is supported, and then tries each one until it successfully decrypts the volume header.

red-pepper-pesto · November 1, 2024, 8:52am

Based on the limited analysis I did at that time the functions used to determine CPU count works only on windows. So the multi thread computation works only on windows. In linux, veracrypt runs only on one thread.

github.com

veracrypt/VeraCrypt/blob/92ad97ef33c88ef15d4e267472bae447a2a0f09c/src/Common/EncryptionThreadPool.c#L345


      
          #ifdef DEVICE_DRIVER
          	PsTerminateSystemThread (STATUS_SUCCESS);
          #else
          	_endthreadex (0);
              return 0;
          #endif
          }
          
          #ifndef DEVICE_DRIVER
          
          size_t GetCpuCount (WORD* pGroupCount)
          {
          	size_t cpuCount = 0;
          	SYSTEM_INFO sysInfo;
          	GetActiveProcessorGroupCountFn GetActiveProcessorGroupCountPtr = (GetActiveProcessorGroupCountFn) GetProcAddress (GetModuleHandle (L"Kernel32.dll"), "GetActiveProcessorGroupCount");
          	GetActiveProcessorCountFn GetActiveProcessorCountPtr = (GetActiveProcessorCountFn) GetProcAddress (GetModuleHandle (L"Kernel32.dll"), "GetActiveProcessorCount");
          	if (GetActiveProcessorGroupCountPtr && GetActiveProcessorCountPtr)
          	{
          		WORD j, groupCount = GetActiveProcessorGroupCountPtr();
          		size_t totalProcessors = 0;
          		for (j = 0; j < groupCount; ++j)