<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="zh">
	<id>https://arolstar52-zhtest.hf.space/index.php?action=history&amp;feed=atom&amp;title=VeraCrypt</id>
	<title>VeraCrypt - 版本历史</title>
	<link rel="self" type="application/atom+xml" href="https://arolstar52-zhtest.hf.space/index.php?action=history&amp;feed=atom&amp;title=VeraCrypt"/>
	<link rel="alternate" type="text/html" href="https://arolstar52-zhtest.hf.space/index.php?title=VeraCrypt&amp;action=history"/>
	<updated>2026-07-10T08:47:23Z</updated>
	<subtitle>本wiki上该页面的版本历史</subtitle>
	<generator>MediaWiki 1.43.9</generator>
	<entry>
		<id>https://arolstar52-zhtest.hf.space/index.php?title=VeraCrypt&amp;diff=2629245&amp;oldid=prev</id>
		<title>imported&gt;InternetArchiveBot：​Reformat 1 URL (Wayback Medic 2.5)) #IABot (v2.0.9.5) (GreenC bot</title>
		<link rel="alternate" type="text/html" href="https://arolstar52-zhtest.hf.space/index.php?title=VeraCrypt&amp;diff=2629245&amp;oldid=prev"/>
		<updated>2023-09-18T15:50:06Z</updated>

		<summary type="html">&lt;p&gt;Reformat 1 URL (&lt;a href=&quot;/index.php?title=En:User:GreenC/WaybackMedic_2.5&amp;amp;action=edit&amp;amp;redlink=1&quot; class=&quot;new&quot; title=&quot;En:User:GreenC/WaybackMedic 2.5（页面不存在）&quot;&gt;Wayback Medic 2.5&lt;/a&gt;)) #IABot (v2.0.9.5) (&lt;a href=&quot;/index.php?title=User:GreenC_bot&amp;amp;action=edit&amp;amp;redlink=1&quot; class=&quot;new&quot; title=&quot;User:GreenC bot（页面不存在）&quot;&gt;GreenC bot&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;&lt;b&gt;新页面&lt;/b&gt;&lt;/p&gt;&lt;div&gt;{{noteTA&lt;br /&gt;
|G1 = IT&lt;br /&gt;
}}&lt;br /&gt;
{{Infobox software&lt;br /&gt;
| logo                   = VeraCrypt Logo.svg&lt;br /&gt;
| screenshot             = VeraCrypt screenshot.png&lt;br /&gt;
| caption                = VeraCrypt 1.17 （[[Windows]]平台）&lt;br /&gt;
| developer              = IDRIX&amp;lt;ref&amp;gt;{{cite web |title=Contact Us - IDRIX |url=https://www.idrix.fr/Root/mos/Contact_Us/Itemid,3/ |accessdate=16 November 2016 |archive-date=2022-04-19 |archive-url=https://web.archive.org/web/20220419184308/https://www.idrix.fr/Root/mos/Contact_Us/Itemid,3 }}&amp;lt;/ref&amp;gt;&amp;lt;!--&amp;lt;ref&amp;gt;{{cite web| title=Codeplex user page |date=7 Nov 2016 |url=https://www.codeplex.com/site/users/view/idrassi |accessdate=16 November 2016}}&amp;lt;/ref&amp;gt;--&amp;gt;&lt;br /&gt;
| released               = {{Start date and age|2013|06|22}} &amp;lt;!-- &amp;lt;ref name=&amp;quot;version-history&amp;quot;/&amp;gt; --&amp;gt;&lt;br /&gt;
| status                 = 活躍&lt;br /&gt;
| programming language   = [[C语言|C]]、[[C++]]、[[汇编语言]]&lt;br /&gt;
| operating system       = {{plainlist|&lt;br /&gt;
* [[Windows XP]]及更高版本&lt;br /&gt;
* [[Windows Server 2003]]–[[Windows Server 2012|2012]]&lt;br /&gt;
* [[Mac OS X Lion|macOS 10.7]]及更高版本&lt;br /&gt;
* [[Linux]]&lt;br /&gt;
* [[FreeBSD]] }}&lt;br /&gt;
| language count         = 37&lt;br /&gt;
| language footnote      = &amp;lt;ref&amp;gt;{{cite web |url=https://veracrypt.codeplex.com/downloads/get/1382125 |title=VeraCrypt 1.0f Bundle (All files and their signatures) |publisher=IDRIX |date= |accessdate=2015-01-04 |archive-date=2015-06-03 |archive-url=https://web.archive.org/web/20150603201317/https://veracrypt.codeplex.com/downloads/get/1382125 }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
| size                   = &lt;br /&gt;
| genre                  = {{link-en|硬盘加密软件|Disk encryption software}}&lt;br /&gt;
| license                = [[Apache License 2.0]] 但受限于 [[TrueCrypt|TrueCrypt License version 3.0]]&amp;lt;ref&amp;gt;{{cite web | title =VeraCrypt License | accessdate =2016-01-28 | url =https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20License | archive-date =2016-02-05 | archive-url =https://web.archive.org/web/20160205161022/https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20License }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
| website                = {{url|https://www.veracrypt.fr}}&lt;br /&gt;
}}&lt;br /&gt;
&lt;br /&gt;
&amp;#039;&amp;#039;&amp;#039;VeraCrypt&amp;#039;&amp;#039;&amp;#039;是一款[[开放源代码]]的{{link-en|即时加密软件|on-the-fly encryption}}（OTFE）。&amp;lt;ref name=&amp;quot;VeraCrypt Official Site&amp;quot;&amp;gt;{{Cite web |url=https://veracrypt.codeplex.com/ |title=&amp;quot;VeraCrypt Official Site&amp;quot; |access-date=2015-10-24 |archive-date=2021-03-30 |archive-url=https://web.archive.org/web/20210330110539/https://archive.codeplex.com/?p=veracrypt }}&amp;lt;/ref&amp;gt;它可以创建一个虚拟加密磁盘文件或加密分区&amp;lt;ref name=&amp;quot;VeraCrypt Volume&amp;quot;&amp;gt;{{cite web | url=https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Volume | title=VeraCrypt Volume | work=VeraCrypt Official Website | accessdate=February 16, 2015 | archive-date=2017-10-10 | archive-url=https://web.archive.org/web/20171010005347/https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Volume }}&amp;lt;/ref&amp;gt;，或{{link-en|预引导认证|Pre-boot authentication}}整个[[存储设备]]（除非使用了[[UEFI]]或[[GUID磁碟分割表|GPT]]）。&amp;lt;ref name=&amp;quot;OS Supported for System Encryption&amp;quot;&amp;gt;{{cite web | url=https://veracrypt.codeplex.com/wikipage?title=Supported%20Systems%20for%20System%20Encryption | title=Operating Systems Supported for System Encryption | work=VeraCrypt Official Website | accessdate=February 16, 2015 | archive-date=2017-10-10 | archive-url=https://web.archive.org/web/20171010010052/https://veracrypt.codeplex.com/wikipage?title=Supported%20Systems%20for%20System%20Encryption }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
VeraCrypt是已经停止开发的[[TrueCrypt]]项目的一个分支&amp;lt;ref name=&amp;quot;VeraCrypt a Worthy TrueCrypt Alternative&amp;quot;&amp;gt;{{cite web | url=http://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html | title=VeraCrypt a Worthy TrueCrypt Alternative | publisher=Quinstreet Enterprise | work=eSecurity Planet | date=October 13, 2014 | accessdate=February 16, 2015 | author=Rubens, Paul | archive-date=2018-01-04 | archive-url=https://web.archive.org/web/20180104195743/http://www.esecurityplanet.com/open-source-security/veracrypt-a-worthy-truecrypt-alternative.html | dead-url=no }}&amp;lt;/ref&amp;gt;。据其开发者声称，安全方面的改进已经落实，最初TrueCrypt的[[代码审计]]问题已得到解决。&amp;lt;ref&amp;gt;{{cite web | url=http://lifehacker.com/five-best-file-encryption-tools-5677725 | title=Five Best File Encryption Tools | publisher=Gawker Media | work=Lifehacker | date=February 8, 2015 | accessdate=February 16, 2015 | author=Henry, Alan | archive-date=2022-04-23 | archive-url=https://web.archive.org/web/20220423082936/https://lifehacker.com/five-best-file-encryption-tools-5677725 }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 加密方式 ==&lt;br /&gt;
&lt;br /&gt;
=== 算法 ===&lt;br /&gt;
与[[TrueCrypt]]相同，VeraCrypt支持的[[加密算法]]有[[高级加密标准|AES]]、[[Camellia]]、Kuzenyechik、[[Serpent]]及[[Twofish]]。此外，另有十种{{link-en|多重加密|Multiple encryption}}方式：AES-Twofish，AES-Twofish-Serpent，Serpent-AES，Serpent-Twofish-AES，Twofish-Serpent，Camellia-Kuzenyechik，Kuzenyechik-Twofish，Camellia-Serpent，Kuzenyechik-AES及Kuzenyechik-Serpent-Camellia。&amp;lt;ref&amp;gt;{{cite web | title =Encryption Algorithms | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Encryption%20Algorithms | accessdate =2015-01-04 | archive-date =2015-01-05 | archive-url =https://web.archive.org/web/20150105030644/https://veracrypt.codeplex.com/wikipage?title=Encryption%20Algorithms }}&amp;lt;/ref&amp;gt; 可使用的[[密碼雜湊函數|密码散列函数]]有[[RIPEMD-160]]，[[SHA-256]]，[[SHA-512]]，{{link-en|Whirlpool（加密算法）|Whirlpool (cryptography)|Whirlpool}}和Streebog。&amp;lt;ref&amp;gt;{{cite web | title =Hash Algorithms | work =VeraCrypt Documentation | publisher =IDRIX | date = | url =https://veracrypt.codeplex.com/wikipage?title=Hash%20Algorithms | accessdate =2015-01-04 | archive-date =2015-01-05 | archive-url =https://web.archive.org/web/20150105030517/https://veracrypt.codeplex.com/wikipage?title=Hash%20Algorithms }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== 操作模式 ===&lt;br /&gt;
VeraCrypt使用{{link-en|XTS|Disk_encryption_theory#XEX-based_tweaked-codebook_mode_with_ciphertext_stealing_.28XTS.29}}[[块密码的工作模式|操作模式]]。&amp;lt;ref name=modes&amp;gt;{{cite web | title =Modes of Operation | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Modes%20of%20Operation | accessdate =2015-01-04 | archive-date =2015-01-05 | archive-url =https://web.archive.org/web/20150105024304/https://veracrypt.codeplex.com/wikipage?title=Modes%20of%20Operation }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== 密匙===&lt;br /&gt;
软件头密匙（header key）和第二头密匙（the secondary header key）是使用512-[[位元|位]][[盐 (密码学)|盐]]和327,661至655,331迭代的[[PBKDF2]]产生的，这取决于其使用的底层散列函数。&amp;lt;ref&amp;gt;{{cite web | title =Header Key Derivation, Salt, and Iteration Count | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Header%20Key%20Derivation | accessdate =2015-01-04 | archive-date =2015-01-05 | archive-url =https://web.archive.org/web/20150105033629/https://veracrypt.codeplex.com/wikipage?title=Header%20Key%20Derivation }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 安全性改进 ==&lt;br /&gt;
据其开发者声称，VeraCrypt对TrueCrypt提出了一些安全方面的改进。&lt;br /&gt;
&lt;br /&gt;
虽然TrueCrypt使用1000次迭代的[[PBKDF2]]-[[RIPEMD160]]算法的系统分区，然而VeraCrypt使用的是327,661次迭代。对于标准储存器和其他分区，VeraCrypt使用655331次迭代的RIPEMD160和500,000次迭代[[SHA-2]]和Whirlpool。虽然这使得VeraCrypt在打开被加密分区时稍慢，但它可以让密码破解增加最少10倍和最多约300倍的的难度。“事实上，如果破解TrueCrypt的加密分区需要一个月，那么破解VeraCrypt可能需要一年。”&amp;lt;ref name=&amp;quot;VeraCrypt a Worthy TrueCrypt Alternative&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Windows在[[引导程序]]中的漏洞也是如此。开发人员增加了对[[SHA-256]]的系统启动加密选项，还修正了[[Shell]]的安全问题。[[Linux]]和[[OS X|Mac OS X]]用户受益于硬盘驱动器[[磁盘扇区|扇区]]大小大于512的支持，并且Linux得到了[[NTFS]]格式加密扇区的支持。&lt;br /&gt;
&lt;br /&gt;
由于安全性改进，因此VeraCrypt存储格式是与TrueCrypt不兼容的。VeraCrypt开发团队认为，TrueCrypt的旧格式容易受到[[美国国家安全局]]的攻击，因此它必须被抛弃。这是和VeraCrypt的竞争对手——[[CipherShed]]之间的主要区别之一，CipherShed继续使用了TrueCrypt加密格式。自版本1.0F开始，VeraCrypt开始支持打开及转换TrueCrypt的旧格式加密卷。&amp;lt;ref name=&amp;quot;VeraCrypt Release Notes&amp;quot;&amp;gt;[https:/acrypt.codeplex.com/wikipage?title=Release%20Notes &amp;quot;VeraCrypt Release Notes&amp;quot;]&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;Castle, Alex (March, 2015). &amp;quot;Where Are We At With TrueCrypt?&amp;quot;. MaximumPC, p. 59.&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 似是而非的否认 ==&lt;br /&gt;
VeraCrypt支持一种名为“[[似是而非的否认]]”的功能&amp;lt;ref name=deniability&amp;gt;{{cite web | title =Plausible Deniability | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Plausible%20Deniability | accessdate =2015-01-04 | archive-date =2016-01-11 | archive-url =https://web.archive.org/web/20160111120053/https://veracrypt.codeplex.com/wikipage?title=Plausible%20Deniability }}&amp;lt;/ref&amp;gt;，允许在卷内创建另一个“隐藏驱动卷”。&amp;lt;ref&amp;gt;{{cite web | title =Hidden Volume | work =VeraCrypt Documentation | publisher =IDRIX | date = | url =https://veracrypt.codeplex.com/wikipage?title=Hidden%20Volume | accessdate =2015-01-04 | archive-date =2015-12-22 | archive-url =https://web.archive.org/web/20151222152103/https://veracrypt.codeplex.com/wikipage?title=Hidden%20Volume }}&amp;lt;/ref&amp;gt;此外，Windows版本的VeraCrypt可以创建并运行一个隐藏的加密操作系统，其存在[[可否认式加密|可以被否认]]。&amp;lt;ref name=hiddenOS&amp;gt;{{cite web | title =Hidden Operating System | work =VeraCrypt Documentation | publisher =IDRIX | date =2014-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Hidden%20Operating%20System | accessdate =2015-01-04 | archive-date =2015-12-22 | archive-url =https://web.archive.org/web/20151222101623/https://veracrypt.codeplex.com/wikipage?title=VeraCrypt%20Hidden%20Operating%20System }}&amp;lt;/ref&amp;gt;该功能使用户在受到胁迫时通过展示无关紧要的外层卷，而使内层隐藏卷蒙混过关。&lt;br /&gt;
&lt;br /&gt;
VeraCrypt帮助文档中列出多种方式写明当该功能受到影响时（例如第三方软件可能通过临时文件、缩略图等向未加密的磁盘分区泄露信息），几种可能的方法来避免这种情况。&amp;lt;ref name=&amp;quot;IDRIX&amp;quot;&amp;gt;{{cite web | title =Security Requirements and Precautions Pertaining to Hidden Volumes | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Security%20Requirements%20for%20Hidden%20Volumes | accessdate =2015-01-04 | archive-date =2015-12-22 | archive-url =https://web.archive.org/web/20151222082826/https://veracrypt.codeplex.com/wikipage?title=Security%20Requirements%20for%20Hidden%20Volumes }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 性能 ==&lt;br /&gt;
VeraCrypt支持[[多元处理]][[数据并行|并行]]&amp;lt;ref name=guide-1.0f&amp;gt;{{cite web|title=VeraCrypt User Guide|url=https://veracrypt.codeplex.com/documentation|publisher=IDRIX|date=2015-01-04|edition=1.0f|access-date=2015-10-24|archive-date=2015-12-16|archive-url=https://web.archive.org/web/20151216155649/https://veracrypt.codeplex.com/documentation}}&amp;lt;/ref&amp;gt;{{Rp|63}}加密，在Windows系统中，[[流水线 (计算机)|流水线型]]读写操作（异步处理的一种形式）&amp;lt;ref name=guide-1.0f /&amp;gt;{{Rp|63}}以提高加密解密的性能效率。该软件在较新的处理器支持AES-NI指令集，亦支持[[AES指令集|AES硬件加速]]以进一步提高性能。&amp;lt;ref name=guide-1.0f /&amp;gt;{{Rp|64}} 磁盘加密对性能的影响在使用[[直接存储器访问|直接内存访问]]（Direct Memory Access，DMA）操作中尤其明显，因为所有数据必须通过CPU进行解密，而不是直接从磁盘复制到内存。&lt;br /&gt;
&lt;br /&gt;
== 安全问题 ==&lt;br /&gt;
&lt;br /&gt;
VeraCrypt很容易受到各种已知的攻击，也影响到其他基于软件的磁盘加密软件，如[[BitLocker]]。为了缓解这些攻击，VeraCrypt的帮助文档要求用户遵守各种安全防范措施。&amp;lt;ref name=&amp;quot;IDRIX&amp;quot;/&amp;gt;&amp;lt;ref name=&amp;quot;Security Requirements and Precautions&amp;quot;&amp;gt;{{cite web | url=https://veracrypt.codeplex.com/wikipage?title=Security%20Requirements%20and%20Precautions | title=Security Requirements and Precautions | publisher=IDRIX | work=VeraCrypt Documentation | accessdate=February 16, 2015 | archive-date=2015-01-05 | archive-url=https://web.archive.org/web/20150105052420/https://veracrypt.codeplex.com/wikipage?title=Security%20Requirements%20and%20Precautions }}&amp;lt;/ref&amp;gt;一些安全问题详述如下：&lt;br /&gt;
&lt;br /&gt;
=== 内存中的加密密匙 ===&lt;br /&gt;
VeraCrypt存储其在[[随机存取存储器|内存]]中的密匙。普通个人计算机上对[[动态随机存取存储器|动态内存]]断电后的几秒钟（或更长，如降低温度）之后可能仍然保留着数据。即使在内存中的数据已经严重丢失，仍有各种算法可以恢复密钥。这种方法被称为[[冷启动攻击]]，特别适用于在接入电源时，闲置或锁屏模式下的笔记本电脑，现已成功地用于攻击由TrueCrypt加密保护的文件系统。&amp;lt;ref&amp;gt;{{cite web |url=http://www.usenix.org/event/sec08/tech/full_papers/halderman/halderman_html/ |title=Lest We Remember: Cold Boot Attacks on Encryption Keys |author=Alex Halderman |display-authors=etal |access-date=2015-10-24 |archive-date=2011-06-07 |archive-url=https://web.archive.org/web/20110607230429/http://www.usenix.org/event/sec08/tech/full_papers/halderman/halderman_html/ }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== 物理安全性 ===&lt;br /&gt;
VeraCrypt帮助文档指出，如果攻击者物理攻击计算机中的数据，或者在受感染的电脑上使用该软件，VeraCrypt也无法保全其加密数据的完整性。当然电脑被盗，遗失或被没收这样的情况自然无能为力。&amp;lt;ref&amp;gt;{{cite web | title =Physical Security | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Physical%20Security | accessdate =2015-01-04 | archive-date =2015-12-22 | archive-url =https://web.archive.org/web/20151222085734/https://veracrypt.codeplex.com/wikipage?title=Physical%20Security }}&amp;lt;/ref&amp;gt;当攻击者通过物理访问电脑，例如，安装一个硬件或软件的[[键盘监听|键盘记录器]]或一个{{link-en|总线主控|Bus mastering}}装置捕获内存信息，或安装任何其他{{link-en|恶意硬件|Hardware Trojan}}或[[恶意软件|软件]]的攻击，让攻击者捕捉到未加密的数据（包括加密密钥和密码），然后以这些非法得到的加密密匙及密码进行解密。因此，物理安全是一个完善安全系统的基本前提。这种攻击方式也一般称之为“[[邪恶女佣攻击]]”（Evil Maid attack）。&amp;lt;ref&amp;gt;{{cite web | last =Schneier | first =Bruce | authorlink =Bruce Schneier | title =&amp;quot;Evil Maid&amp;quot; Attacks on Encrypted Hard Drives | work = | publisher =Schneier on Security | date =2009-10-23 | url =https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html | accessdate =2014-05-24 | archiveurl =https://web.archive.org/web/20220429165411/https://www.schneier.com/blog/archives/2009/10/evil_maid_attac.html | archivedate =2022-04-29 }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== 恶意软件 ===&lt;br /&gt;
VeraCrypt帮助文档指出，VeraCrypt无法保护被感染某些[[恶意软件]]类型的电脑上的数据。某些类型的恶意软件被设计用来记录键盘输入，包括键入的密码，攻击者也可以通过互联网上传或保存到未加密的本地驱动器后读取它，或者直接物理访问计算机时。&amp;lt;ref&amp;gt;{{cite web | title =Malware | work =VeraCrypt Documentation | publisher =IDRIX | date =2015-01-04 | url =https://veracrypt.codeplex.com/wikipage?title=Malware | accessdate =2015-01-04 | archive-date =2016-07-30 | archive-url =https://web.archive.org/web/20160730230544/https://veracrypt.codeplex.com/wikipage?title=Malware }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== 可信平台模块 ===&lt;br /&gt;
VeraCrypt网站上的FAQ指出，&amp;lt;ref&amp;gt;{{cite web | url=https://veracrypt.codeplex.com/wikipage?title=FAQ | title=FAQ | accessdate=2015-01-04 | archive-date=2015-12-16 | archive-url=https://web.archive.org/web/20151216155651/https://veracrypt.codeplex.com/wikipage?title=FAQ }}&amp;lt;/ref&amp;gt;[[可信平台模块]]（Trusted Platform Module，TPM） 的安全性并不可靠。因为如果攻击者具有对计算机的物理管理访问权限时，电脑可能被攻击者植入恶意程序，如一个简单的键盘按键记录器等，可以被用来捕捉密码或其他敏感信息。——TPM并非杀毒软件，并不会防止攻击者恶意修改计算机，因此VeraCrypt将不支持TPM。&lt;br /&gt;
&lt;br /&gt;
== 安全审计 ==&lt;br /&gt;
VeraCrypt正在进行一次独立的代码审核，目前正处于初期规划阶段。&amp;lt;ref name=&amp;quot;Veracrypt Security audit&amp;quot;&amp;gt;{{cite web | url=https://veracrypt.codeplex.com/discussions/576521 | title=Security audit | date=December 31, 2014 | accessdate=February 22, 2015 | author=Idrassi, Mounir | archive-date=2015-08-05 | archive-url=https://web.archive.org/web/20150805044500/http://veracrypt.codeplex.com/discussions/576521 }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
VeraCrypt是基于TrueCrypt开发的，通过独立的安全审计。审计的第一阶段已于2014年4月14日完成，结果为“没有证据证明该软件有后门或恶意代码”。&amp;lt;ref&amp;gt;{{Citation | last =Farivar | first =Cyrus | title =TrueCrypt audit finds &amp;quot;no evidence of backdoors&amp;quot; or malicious code | publisher =Ars Technica | date =2014-04-14 | url =http://arstechnica.com/security/2014/04/truecrypt-audit-finds-no-evidence-of-backdoors-or-malicious-code/ | accessdate =2014-05-24 | archive-date =2014-05-23 | archive-url =https://web.archive.org/web/20140523151242/http://arstechnica.com/security/2014/04/truecrypt-audit-finds-no-evidence-of-backdoors-or-malicious-code/ | dead-url =no }}&amp;lt;/ref&amp;gt;审计的第二阶段完成于2015年4月2日，结果为“没有证据表明该软件有故意后门，或在大多数情况下将使软件不安全的严重设计缺陷”。&amp;lt;ref name=&amp;quot;Truecrypt report&amp;quot;&amp;gt;{{cite web | url=http://blog.cryptographyengineering.com/2015/04/truecrypt-report.html | title=Truecrypt report | work=A Few Thoughts on Cryptographic Engineering | date=April 2, 2015 | accessdate=April 4, 2015 | author=Green, Matthew | archive-date=2015-04-05 | archive-url=https://web.archive.org/web/20150405015731/http://blog.cryptographyengineering.com/2015/04/truecrypt-report.html | dead-url=no }}&amp;lt;/ref&amp;gt;&amp;lt;ref name=&amp;quot;Truecrypt Phase Two Audit Announced&amp;quot;&amp;gt;{{cite web | url=https://cryptoservices.github.io/fde/2015/02/18/truecrypt-phase-two.html | title=Truecrypt Phase Two Audit Announced | publisher=NCC Group | work=Cryptography Services | date=February 18, 2015 | accessdate=February 22, 2015 | archive-date=2022-05-09 | archive-url=https://web.archive.org/web/20220509065352/https://cryptoservices.github.io/fde/2015/02/18/truecrypt-phase-two.html }}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 许可证 ==&lt;br /&gt;
&lt;br /&gt;
VeraCrypt从2015年6月28日起采用Apache 2.0许可证授权。&amp;lt;ref&amp;gt;{{cite web | title =Apache License 2.0 (Apache) | accessdate =2015-07-01 | url =https://veracrypt.codeplex.com/license | archive-date =2015-07-09 | archive-url =https://web.archive.org/web/20150709234209/https://veracrypt.codeplex.com/license }}&amp;lt;/ref&amp;gt;在此之前，它是以微软公共许可证（Microsoft Public License）发布的。&amp;lt;ref&amp;gt;{{cite web | title =Microsoft Public License (Ms-PL) | accessdate =2015-07-01 | url =https://veracrypt.codeplex.com/license?LicenseHistoryId=120858 | archive-date =2016-02-05 | archive-url =https://web.archive.org/web/20160205021210/https://veracrypt.codeplex.com/license?LicenseHistoryId=120858 }}&amp;lt;/ref&amp;gt;VeraCrypt使用了大量从其前身TrueCrypt得到的代码，也是唯一一款使用 TrueCrypt License 3.0 的加密软件。&amp;lt;ref name=license&amp;gt;[http://www.truecrypt.org/legal/license TrueCrypt License]. Accessed on: May 21, 2012 {{Webarchive|url=https://archive.today/20120530131309/http://www.truecrypt.org/legal/license |date=2012年5月30日 }}&amp;lt;/ref&amp;gt;&amp;lt;ref name=license2&amp;gt;[https://www.ohloh.net/licenses/TrueCrypt_Collective_License TrueCrypt Collective License] {{Wayback|url=https://www.ohloh.net/licenses/TrueCrypt_Collective_License |date=20140606233959 }}. Accessed on: June 4, 2014&amp;lt;/ref&amp;gt;然而这并不是一个广泛使用的[[开源软件许可证]]，也不是[[自由软件基金会]]定义的[[自由软件许可证]]，因为它包含分销和版权责任的限制等。&amp;lt;ref name=Phipps&amp;gt;{{Citation| author = Simon Phipps| title = TrueCrypt or false? Would-be open source project must clean up its act| publisher = {{link-en|InfoWorld|InfoWorld}}| date = 2013-11-15| url = http://www.infoworld.com/d/open-source-software/truecrypt-or-false-would-be-open-source-project-must-clean-its-act-230862| accessdate = 2014-05-20| archive-date = 2014-09-14| archive-url = https://web.archive.org/web/20140914201040/http://www.infoworld.com/d/open-source-software/truecrypt-or-false-would-be-open-source-project-must-clean-its-act-230862}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 参见 ==&lt;br /&gt;
* [[TrueCrypt]]&lt;br /&gt;
* {{link-en|硬盘加密软件|Disk encryption software}}&lt;br /&gt;
* {{link-en|硬盘加密软件比较|Comparison of disk encryption software}}&lt;br /&gt;
&lt;br /&gt;
== 参考文献 ==&lt;br /&gt;
{{reflist|colwidth=30em}}&lt;br /&gt;
&lt;br /&gt;
== 外部链接 ==&lt;br /&gt;
{{Commons category}}&lt;br /&gt;
* [https://www.veracrypt.fr VeraCrypt网站]{{Wayback|url=https://www.veracrypt.fr/ |date=20170904215551 }}&lt;br /&gt;
* [http://truecrypt.sourceforge.net/ TrueCrypt网站]&lt;br /&gt;
&lt;br /&gt;
[[Category:2014年软件]]&lt;br /&gt;
[[Category:跨平台软件]]&lt;br /&gt;
[[Category:加密软件]]&lt;br /&gt;
[[Category:磁盘加密]]&lt;br /&gt;
[[Category:Linux安全软件]]&lt;br /&gt;
[[Category:Windows安全软件]]&lt;br /&gt;
[[Category:使用wxWidgets的软件]]&lt;br /&gt;
[[Category:MacOS安全软件]]&lt;br /&gt;
&lt;br /&gt;
{{加密软件}}&lt;/div&gt;</summary>
		<author><name>imported&gt;InternetArchiveBot</name></author>
	</entry>
</feed>