Operation Manual
78
Encryption Algorithms
VeraCrypt volumes can be encrypted using the following algorithms:
Algorithm
Designer(s)
Key Size (Bits)
Block Size
(Bits)
Mode of
Operation
AES
J. Daemen, V. Rijmen
256
128
XTS
Serpent
R. Anderson, E. Biham, L. Knudsen
256
128
XTS
Twofish
B. Schneier, J. Kelsey, D. Whiting,
D. Wagner, C. Hall, N. Ferguson
256
128
XTS
AES-Twofish
256; 256
128
XTS
AES-Twofish-Serpent
256; 256; 256
128
XTS
Serpent-AES
256; 256
128
XTS
Serpent-Twofish-AES
256; 256; 256
128
XTS
Twofish-Serpent
256; 256
128
XTS
For information about XTS mode, please see the section Modes of Operation.
AES
The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm
(Rijndael, designed by Joan Daemen and Vincent Rijmen, published in 1998) that may be used by
US federal departments and agencies to cryptographically protect sensitive information [3].
VeraCrypt uses AES with 14 rounds and a 256-bit key (i.e., AES-256, published in 2001) operating
in XTS mode (see the section Modes of Operation).
In June 2003, after the NSA (US National Security Agency) conducted a review and analysis of
AES, the U.S. CNSS (Committee on National Security Systems) announced in [1] that the design
and strength of AES-256 (and AES-192) are sufficient to protect classified information up to the
Top Secret level. This is applicable to all U.S. Government Departments or Agencies that are
considering the acquisition or use of products incorporating the Advanced Encryption Standard
(AES) to satisfy Information Assurance requirements associated with the protection of national
security systems and/or national security information [1].