Key Derivation Algorithms

A key derivation function (KDF) transforms your password (and optional keyfiles) into cryptographic keys used to decrypt a VeraCrypt volume header. KDFs slow down brute-force attacks and protect against precomputation by incorporating a large random salt and a tunable work factor (e.g., iterations, memory).

Available Algorithms in VeraCrypt

Argon2id: A modern, memory-hard KDF (based on BLAKE2b internally). Recommended for new volumes. No separate hash selection is required.
PBKDF2-HMAC: A widely deployed KDF that uses HMAC with a selectable hash function. Supported HMAC hashes in VeraCrypt: SHA-512, SHA-256, Whirlpool, BLAKE2s-256, and Streebog.