#Veracrypt 1.26.24 has been released (#TrueCrypt / #CipherShed / #DiskCryptor / #OTFE / #Crypto / #Encryption / #DiskEncryption / #GOSTBlockCipher / #RFC7801 / #RFC8891 / #BLAKE2s256 / #Whirlpool / #Streebog / #AES / #Camellia / #Kuznyechik / #Serpent / #Twofish / #IDRIX / #AMCrypto) https://veracrypt.fr/
#Twofish
So I wanted to encrypt some files. Thought about using 7z+password. Stackexchange folks said "Didn't review it but it should be fine. You can browse the code yourself". So I did. After a few mins I noticed they use 8byte "random" IV. Yes, half of IV is zeroes. But it gets worse.
https://threadreaderapp.com/thread/1087848040583626753.html
#7z #7zip #Encryption #Random #Number #Generation #Password #Security #Twofish #AES #NSA
7-zip_369456_full.jpg
https://threadreaderapp.com/thread/1087848040583626753.html
#7z #7zip #Encryption #Random #Number #Generation #Password #Security #Twofish #AES #NSA
7-zip_369456_full.jpg
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst