veracrypt-forensic¶
A from-scratch, pure-Rust VeraCrypt / TrueCrypt reader and decryptor — unlock a volume from its password and read the plaintext, plus an anomaly auditor over the recovered volume facts.
Scope
This build brutes the header across all five VeraCrypt PRFs (SHA-512, SHA-256, Whirlpool, Streebog-512, RIPEMD-160) and decrypts both single ciphers (AES-256-XTS, Serpent-256-XTS, Twofish-256-XTS) plus all VeraCrypt cipher cascades (stacked XTS), with a PIM and normal or hidden volumes. See Format Research and Validation.
What it does¶
A VeraCrypt volume stores its master key inside a 512-byte header that is itself
encrypted with a key derived from the password. veracrypt-core:
- reads the 512-byte volume header (
salt[64]+ a 448-byte XTS-encrypted header), - derives the header key with
PBKDF2-HMAC-<PRF>and tries every PRF × cipher until the decrypted header shows a validVERA/TRUEmagic and both CRC-32s match — so a wrong password/PRF/cipher is rejected with no false positive, - recovers the master key from the decrypted header, and
- decrypts the data area as AES-256, Serpent-256, or Twofish-256 XTS — or a
cascade of them, applied as stacked XTS layers in cryptsetup key order (the tweak
is
encrypted_area_start / 512 + LBA) — exposing a plaintextRead + Seekview (read_at).
unlock_hidden_with_password repeats the process against the hidden header at
64 KiB, to access or prove the presence of a deniable hidden volume.
veracrypt-forensic grades the recovered facts into observations (legacy
TrueCrypt, hidden volume declared, cipher inventory).
The two-crate split¶
| Crate | Role | Depends on | Emits |
|---|---|---|---|
veracrypt-core |
reader / decryptor | aes, twofish, xts-mode, pbkdf2, sha2, whirlpool, streebog, ripemd, crc32fast, hmac, thiserror |
plaintext view + typed VolumeInfo |
veracrypt-forensic |
anomaly analyzer | veracrypt-core |
graded observations |
Trust but verify¶
Every primitive is an audited RustCrypto crate; no cryptography is hand-rolled.
Correctness is proven Tier-1 on a real VeraCrypt volume with a published
password, where three independent implementations agree byte-for-byte —
VeraCrypt 1.26.20, cryptsetup 2.7.0, and this crate. Panic-free,
bounds-checked parsing; unwrap/expect denied in production code
(#![forbid(unsafe_code)]); fuzzed header parser.
Privacy Policy · Terms of Service · © 2026 Security Ronin Ltd