VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorMounir IDRASSI <mounir.idrassi@idrix.fr>2019-03-03 18:44:21 +0100
committerMounir IDRASSI <mounir.idrassi@idrix.fr>2019-03-03 23:48:28 +0100
commit8e398770544b303d22fe24fbd89034c7f62c6bf6 (patch)
treebcd135f1b16787b87d176544c21775d7eb4f9361 /doc
parentf6274642f056810c5bf686da9adcea985d302c30 (diff)
downloadVeraCrypt-8e398770544b303d22fe24fbd89034c7f62c6bf6.tar.gz
VeraCrypt-8e398770544b303d22fe24fbd89034c7f62c6bf6.zip
Increment version to 1.24-Beta3. Update Release Notes.
Diffstat (limited to 'doc')
-rw-r--r--doc/chm/VeraCrypt User Guide.chmbin1955031 -> 1955375 bytes
-rw-r--r--doc/html/Release Notes.html32
2 files changed, 22 insertions, 10 deletions
diff --git a/doc/chm/VeraCrypt User Guide.chm b/doc/chm/VeraCrypt User Guide.chm
index 1208bc68..6548cb5a 100644
--- a/doc/chm/VeraCrypt User Guide.chm
+++ b/doc/chm/VeraCrypt User Guide.chm
Binary files differ
diff --git a/doc/html/Release Notes.html b/doc/html/Release Notes.html
index c56bd1a9..1cfcfb5f 100644
--- a/doc/html/Release Notes.html
+++ b/doc/html/Release Notes.html
@@ -39,17 +39,34 @@
<strong>Note to users who created volumes with 1.17 version of VeraCrypt or earlier: </strong><br/>
<span style="color:#ff0000;">To avoid hinting whether your volumes contain a hidden volume or not, or if you depend on plausible deniability when using hidden volumes/OS, then you must recreate both the outer and hidden volumes including system encryption and hidden OS, discarding existing volumes created prior to 1.18a version of VeraCrypt.</span></li>
</p>
-<p><strong style="text-align:left">1.24-Beta2 </strong>(January 31<sup>th</sup>, 2019):</p>
+<p><strong style="text-align:left">1.24-Beta3 </strong>(March 3<sup>rd</sup>, 2019):</p>
<ul>
<li><strong>All OSs:</strong>
<ul>
<li>Increase password maximum length to 128 bytes in UTF-8 encoding.</li>
+<ul>
+<li>Add option to use legacy maximum password length (64) instead of new one for compatibility reasons.</li>
+</ul>
+<li>Use Hardware RNG based on CPU timing jitter "Jitterentropy" by Stephan Mueller as a good alternative to CPU RDRAND (<a href="http://www.chronox.de/jent.html" target="_blank">http://www.chronox.de/jent.html</a>)</li>
<li>Speed optimization of XTS mode on 64-bit machine using SSE2 (up to 10% faster).</li>
<li>Fix detection of CPU features AVX2/BMI2. Add detection of RDRAND/RDSEED CPU features. Detect Hygon CPU as AMD one.</li>
</ul>
</li>
<li><strong>Windows:</strong>
<ul>
+<li>Implement RAM encryption for keys and passwords using ChaCha12 cipher, t1ha non-cryptographic fast hash and ChaCha20 based CSPRNG.</li>
+<ul>
+<li>Available only on 64-bit machines.</li>
+<li>Disabled by default. Can be enabled using option in UI.</li>
+<li>Less than 10% overhead on modern CPUs.</li>
+</ul>
+<li>Mitigate some memory attacks by making VeraCrypt applications memory inaccessible to non-admin users (based on KeePassXC implementation)</li>
+<li>New security features:</li>
+<ul>
+<li>Erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks</li>
+<li>Add option when system encryption is used to erase all encryption keys from memory when a new device is connected to the system.</li>
+<li>Add new driver entry point that can be called by applications to erase encryption keys from memory in case of emergency.</li>
+</ul>
<li>MBR Bootloader: dynamically determine boot loader memory segment instead of hardcoded values (proposed by neos6464)</li>
<li>MBR Bootloader: workaround for issue affecting creation of hidden OS on some SSD drives.</li>
<li>Fix issue related to Windows Update breaking VeraCrypt UEFI bootloader.</li>
@@ -61,19 +78,14 @@
<li>Fix ESC on password prompt during Pre-Test not starting Windows.</li>
<li>Add menu entry in Rescue Disk that enables starting original Windows loader.</li>
</ul>
-<li>Better support Multi-boot for EFI system encryption.</li>
-<li>New security features:</li>
-<ul>
-<li>Erase system encryption keys from memory during shutdown/reboot to help mitigate some cold boot attacks</li>
-<li>Add option when system encryption is used to erase all encryption keys from memory when a new device is connected to the system.</li>
-<li>Add new driver entry point that can be called by applications to erase encryption keys from memory in case of emergency.</li>
-</ul>
-<li>Use CPU RDRAND or RDSEED as an additional entropy source for our random generator when available.</li>
-<li>Add mount option that allows mounting a volume without attaching it to the specified drive letter.</li>
+<li>Add option (disabled by default) to use CPU RDRAND or RDSEED as an additional entropy source for our random generator when available.</li>
+<li>Add mount option (both UI and command line) that allows mounting a volume without attaching it to the specified drive letter.</li>
<li>Update libzip to version 1.5.1</li>
<li>Do not create uninstall shortcut in startmenu when installing VeraCrypt. (by Sven Strickroth)</li>
<li>Enable selection of Quick Format for file containers creation. Separate Quick Format and Dynamic Volume options in the wizard UI.</li>
<li>Fix editor of EFI system encryption configuration file not accepting ENTER key to add new lines.</li>
+<li>Avoid simultaneous calls of favorites mounting, for example if corresponding hotkey is pressed multiple times.</li>
+<li>Ensure that only one thread at a time can create a secure desktop.</li>
<li>Updates and corrections to translations and documentation.</li>
</ul>
</li>