7

During the setup of a new encrypted volume, VeraCrypt requires random mouse movement within the window. To someone looking from the outside, it looks like a monkey sitting in front of a computer playing with the mouse.

There are good solutions to generate cryptographically secure keys, like the usual /dev/urandom [1] [2] on Linux and BCryptGenRandom on Windows. During the random key generation in TLS, nobody is asked to be a monkey. In OpenSSL, openssl rand 128 handles key generation very fast.

So, at this age, why do we still need the mouse movement in VeraCrypt? Is there any specific reason that I am missing?

kelalaka

1 Answer

4

I think you need to look at the history of the codebase to understand why it's there in the first place. VeraCrypt descended from TrueCrypt, which was built at a time when the CSPRNG in Windows used an unspecified method of generating data:

Because CryptGenRandom is the de facto standard CSPRNG in Win32 environments, its security is critical for Windows users.

The specifics of CryptGenRandom's algorithm have not been officially published. As with any unpublished random number generation algorithm, it may be susceptible to theoretical weaknesses including the use of outdated algorithms, and a reliance for entropy gathering on several monotonically-increasing counters that might be estimated or controlled to an extent by an attacker with local access to the system.

As to whether it's still necessary by today's standards, well, that is obviously a matter of taste. I managed to find a high-level statement about CSPRNG in .NET. I've been unable to uncover any sort of specification for the CSPRNG built into Windows, after about 10 minutes of searching through the Microsoft documentation.

Here's a good discussion about CSPRNG for readers that have yet to consider this aspect of information security: Pornin 2010 https://stackoverflow.com/a/3532136

brynk