by _d3Xt3r_ 990 days ago
> Performance is great, nearly "metal" SSD speeds.

But how does that compare exactly, performance-wise, against BitLocker and LUKS? (assuming similar strength encryption algorithms are selected)


There is still an open issue in VeraCrypt (https://github.com/veracrypt/VeraCrypt/issues/136) because of which BitLocker is much faster on SSDs than VeraCrypt... But if you don't need those speeds, VeraCrypt is still great...
To nitpick - on _NVMe_ drives, not SSDs.

The principal difference is the native speed of raw IO - NVMes are an order of magnitude faster than SSDs. TC/VC don't use hardware acceleration, so all the encryption work falls on the CPU. On a machine with a reasonably modern CPU, TC/VC run nearly at the drive's native speed.

> TC/VC don't use hardware acceleration

I assume by that you mean it doesn't use the AES instructions? That's odd to me.

No, that's wrong. VeraCrypt uses AES-NI when available. It seems the source of the issue is the IO design of the driver, which causes unnecessary context switches when operating on a raw device.
You can also explicitly disable AES-NI in VeraCrypt and use the pure software implementation if you don't trust the hardware. I usually enable this option.
This option always seems funny to me. If I didn't trust the AES-NI instruction, why would I trust the XOR instruction?
Okay that makes more sense.
BitLocker is Microsoft's closed-source product. How can you be sure it doesn't have backdoors?
That question is pointless if you're using Windows.
In practice, it is most certainly not pointless.

Given two USB drives, one encrypted with BitLocker and another with TC or VC, chances of master key recovery by Microsoft are definitely not the same.

> In practice, it is most certainly not pointless .... chances of master key recovery by Microsoft are definitely not the same.

I don't think those two sentences hold water when put together. In practice, if your risk is master key leakage and theft of the encrypted data by Microsoft, you shouldn't be using Windows. If you suspect that, MS can have a kernel mode driver masquerading as anything else, and it can just siphon your master key whenever you enter it.

And now that MS auth is apparently mostly compromised, extend Microsoft to any threat actor in the wild.

I like VC for the portability of the encrypted .tc files. I keep all my backups as tc files, and have recovered from more than one failure using them.

Once had an issue where Dropbox corrupted the duplicates, so I don't use Dropbox anymore.

> MS auth is apparently mostly compromised

just gonna drop that like that ain't a $10k+ implication, gonna need a src or ref thanks

unless you mean by 3letters, which don't exactly give their backdoors to randoms.

randoms ain't coming across 3letter's backdoors, not active/modern ones anyway

I haven't used BitLocker or anything else, so I can't really compare.

VeraCrypt has a neat benchmark tool so you know the speed beforehand. I suppose most CPUs have native support for the popular algorithms, so the bottleneck really is the disk, not the CPU itself or the software.