VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/doc/html/Unencrypted Data in RAM.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc/html/Unencrypted Data in RAM.html')
-rw-r--r--doc/html/Unencrypted Data in RAM.html12
1 files changed, 8 insertions, 4 deletions
diff --git a/doc/html/Unencrypted Data in RAM.html b/doc/html/Unencrypted Data in RAM.html
index 8917867a..9c4de777 100644
--- a/doc/html/Unencrypted Data in RAM.html
+++ b/doc/html/Unencrypted Data in RAM.html
@@ -10,8 +10,8 @@
</head>
<body>
-<div>
-<a href="https://www.veracrypt.fr/en/Home.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
+<div>
+<a href="Documentation.html"><img src="VeraCrypt128x128.png" alt="VeraCrypt"/></a>
</div>
<div id="menu">
@@ -27,7 +27,7 @@
<div>
<p>
-<a href="Documentation.html">Documentation</a>
+<a href="Documentation.html">Documentation</a>
<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
<a href="Security%20Requirements%20and%20Precautions.html">Security Requirements and Precautions</a>
<img src="arrow_right.gif" alt=">>" style="margin-top: 5px">
@@ -48,6 +48,10 @@ Inherently, unencrypted master keys have to be stored in RAM too. When a non-sys
cleanly restarted), or when the system crashes, <strong style="text-align:left">
VeraCrypt naturally stops running and therefore cannot </strong>erase any keys or any other sensitive data. Furthermore, as Microsoft does not provide any appropriate API for handling hibernation and shutdown, master keys used for system encryption cannot be
reliably (and are not) erased from RAM when the computer hibernates, is shut down or restarted.**</div>
+<div style="text-align:left; margin-top:19px; margin-bottom:19px; padding-top:0px; padding-bottom:0px">
+Starting from version 1.24, VeraCrypt introduces a mechanism to encrypt master keys and cached passwords in RAM. This RAM encryption mechanism must be activated manually in "Performance/Driver Configuration" dialog. RAM encryption comes with a performance overhead (between 5% and 15% depending on the CPU speed) and it disables Windows hibernate. <br>
+Moreover, VeraCrypt 1.24 and above provide an additional security mechanism when system encryption is used that makes VeraCrypt erase master keys from RAM when a new device is connected to the PC. This additional mechanism can be activated using an option in System Settings dialog.<br/>
+Even though both above mechanisms provides strong protection for masterskeys and cached password, users should still take usual precautions related for the safery of sensitive data in RAM.</div>
<table style="border-collapse:separate; border-spacing:0px; text-align:left; font-size:11px; line-height:13px; font-family:Verdana,Arial,Helvetica,sans-serif">
<tbody style="text-align:left">
<tr style="text-align:left">
@@ -70,4 +74,4 @@ Hibernation File</a>).</td>
provide any appropriate API for handling the final phase of the system shutdown process, paging files located on encrypted system volumes that are dismounted during the system shutdown process may still contain valid swapped-out memory pages (including portions
of Windows system files). This could cause 'blue screen' errors. Therefore, to prevent 'blue screen' errors, VeraCrypt does not dismount encrypted system volumes and consequently cannot clear the master keys of the system volumes when the system is shut down
or restarted.</span></p>
-</div><div class="ClearBoth"></div></body></html> \ No newline at end of file
+</div><div class="ClearBoth"></div></body></html>