VeraCrypt 1.18 and its bootloaders were evaluated. This release included a number of new features including non-western developed encryption options, a boot loader that supports UEFI (modern BIOSes), and more.

QuarksLab found:

8 Critical Vulnerabilities

3 Medium Vulnerabilities

15 Low or Informational Vulnerabilities / Concerns

This public disclosure of these vulnerabilities coincides with the release of VeraCrypt 1.19 which fixes the vast majority of these high priority concerns. Some of these issues have not been fixed due to high complexity for the proposed fixes, but workarounds have been presented in the documentation for VeraCrypt.

The Fixes:

Because of this audit, VeraCrypt has issued a number of fixes to both the application and the bootloader in 1.19.

The fixes include:

Removal of the GOST 28147-89 encryption option entirely. The implementation was unsafe. Functionality for decryption of volumes that used this cipher is still in place, but new volumes cannot be created using this cipher.

The implementation was unsafe. Functionality for decryption of volumes that used this cipher is still in place, but new volumes cannot be created using this cipher. Removal of XZip and XUnzip. These were replaced with modern and more secure zip libraries (libzip).

These were replaced with modern and more secure zip libraries (libzip). Fixes implemented for the vulnerability described in section 5.1 (password length can be determined in classic bootloader).

(password length can be determined in classic bootloader). Fixes implemented for the vulnerability described in section 7.1 for the new bootloader. (keystrokes not erased after authentication)

for the new bootloader. (keystrokes not erased after authentication) Fixes implemented for the vulnerability described in section 7.2 for the new bootloader. (sensitive data not correctly erased)

for the new bootloader. (sensitive data not correctly erased) Fixes implemented for the vulnerability described in section 7.3 for the new bootloader. (memory corruption)

for the new bootloader. (memory corruption) Fixes implemented for the vulnerability described in section 7.4 for the new bootloader. (null pointer, dead code, inconsistent data reads by ConfigRead, bad pointer in EFIGetHandles, null pointer dereference in the graphic library.)

for the new bootloader. (null pointer, dead code, inconsistent data reads by ConfigRead, bad pointer in EFIGetHandles, null pointer dereference in the graphic library.) Updates to user documentation for other vulnerabilities that can be closed by user practices.

VeraCrypt is much safer after this audit, and the fixes applied to the software mean that the world is safer when using this software.

Please donate to OSTIF if you want us to continue this valuable work. We plan to continue this project indefinitely, as long as the community continues to support us. Every donation makes the internet stronger, and safer.

I’d also like to extend a special thank you to Fred, Jean-Baptiste, and Marion at QuarksLab for conducting this audit, to Mounir at Idrix for his enthusiastic participation and continued development of this crucial open-source software, and to VikingVPN and DuckDuckGo and all of our individual donors for the funding to make this audit possible. We have all made the digital world a little bit safer for all of us.

The full audit report can be accessed below, please do not direct link to the audit report, as we would like visitors to see our synopsis and donation links before viewing the full audit. Thank you.

veracrypt-audit-final-for-public-release.pdf