Which hash algorithm truecrypt

Using TrueCrypt 7. Use the Whirlpool hash algorithm. SHA is a very close 2nd place here I'm leaning towards Whirlpool because SHA is already having a successor developed because of fears that it is based on an older SHA-1 that has been compromised.

Use Microsoft's online password checker for a strength test. You can also use Keyfiles to further secure your password. That one is the most tried and true and the most tested of all of them. Plus, if someone assumes a file is encrypted with AES, there's no way of seeing that is is then encrypted with Twofish First, it's not said that AES is unbreakable, merely that none of the currently known attacks reduce the computational cost to a point where it's feasible. That's about half of the annual electricity consumption of Norway.

Actually computing an AES round takes several times that much energy. Twofish is a symmetric key block cipher with a block size of bits and key sizes up to bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. Twofish is related to the earlier block cipher Blowfish.

Twofish's distinctive features are the use of pre-computed key-dependent S-boxes, and a relatively complex key schedule. One half of an n-bit key is used as the actual encryption key and the other half of the n-bit key is used to modify the encryption algorithm key-dependent S-boxes.

Twofish has a Feistel structure like DES. Twofish also employs a Maximum Distance Separable matrix. On most software platforms Twofish was slightly slower than Rijndael the chosen algorithm for Advanced Encryption Standard for bit keys, but it is somewhat faster for bit keys.

From Wikipedia :. Serpent is a symmetric key block cipher that was a finalist in the Advanced Encryption Standard AES contest, where it was ranked second to Rijndael. Like other AES submissions, Serpent has a block size of bits and supports a key size of , or bits.

Each round applies one of eight 4-bit to 4-bit S-boxes 32 times in parallel. Serpent was designed so that all operations can be executed in parallel, using 32 bit slices. This maximizes parallelism, but also allows use of the extensive cryptanalysis work performed on DES. Serpent took a conservative approach to security, opting for a large security margin: the designers deemed 16 rounds to be sufficient against known types of attack, but specified 32 rounds as insurance against future discoveries in cryptanalysis.

In final voting, Serpent had the least number of negative votes among the finalists, but scored second place overall because Rijndael had substantially more positive votes, the deciding factor being that Rijndael allowed for a far more efficient software implementation.

But they found a way to break SHA. Again they found a way to break it. There it comes SHA-3 Kakee or something like this. Running the same algorithm multiple times may result in less security then using the original algorithm one time. Sign up to join this community. The best answers are voted up and rise to the top. Stack Overflow for Teams — Collaborate and share knowledge with a private group.

Create a free Team What is Teams? Learn more. Which TrueCrypt Algorithm is the safest? Ask Question. Asked 11 years ago. Active 5 years ago. Viewed k times. If performance is of no concern, which TrueCrypt algorithm is the safest to use? Improve this question. Amir Rezaei Amir Rezaei 1, 3 3 gold badges 14 14 silver badges 21 21 bronze badges. They're all safe, otherwise they wouldn't be in the product. But use AES, since it's the standard. I'd say unless there is a government agency after you, the quality of your password is more likely to be an issue than the encryption algorithm.

Add a comment. Active Oldest Votes. Improve this answer. This is probably overkill though. You say use chars, but isn't that overkill?

More than good enough surely? Dan W: At one check per second, surely. However, though hashing methods vary a lot in performance, consumer grade hardware comes a lot closer to testing billions of passwords per second. Funny side note, TrueCrypt does not know either. As a matter of fact both have to simply try all possible combinations by decrypting the first block of data.

This first block after decryption contains a known and fixed marker and some other checksums. If an attacker or the TrueCrypt software itself can confirm that marker after decrypting the first block, given the correct key, the current hashing algorithm and cipher will be selected.

Though, because only the user knows the password, this only works for the real user. The attacker has both problems at once, he does not know the password and he does not know the hashing algorithm or the cipher. We can come to the conclusion that an attacker has to try the same password against a total of 24 different combinations. This means oclHashcat will support 24 different modes actually more because of hidden-volume and boot support to crack TrueCrypt volumes.

The way TrueCrypt works is that it will know by the selection of the cipher or cascaded cipher which output keysize to compute using the KDF function. For example "AES-Twofish-Serpent", the creation involved three different ciphers, each of size bit. And here comes the problem: Because of how PBKDF2 is designed, the first bits are always the same regardless of the selected output keysize.

This is also true for the next bits and the last bits. In other words, the leading bits of the output key do not change whatever TrueCrypt selects as cipher or cascaded cipher. It's important to note that this behavior with PBKDF2 is not some sort of bug, this is simply of how it is supposed to work.