On Tue, 19 Dec 2000, Marc Mutz wrote: > Chris Kuklewicz wrote: > > > > Okay...so I missed some documentation. Documentation/crypto/faq.txt > > helped get blowfish working. And I found the error doucmented in the > > last chapter (the FAQ) of the howto at EncryptionHOWTO.sourceforge.net. > > > > So the revised question is: > > > > Out of curiousity, what non trivial work needs to be done to losetup > > to add a cipher (e.g. twofish or aes)? > > > <snip> > > There is a list of known ciphers in lomount.c. You have to do the > obvious additions (just copy one of the existing lines and modify. > Keylength for Twofish is 128 or 256 bits, not sure if losetup works with > the latter. Each cipher has a predefined keylength. For all the aes candidates 128 bits is chosen, even all of them support at least 192 and 256 bits. The current hash scheme supports up to 320 bits of key bits (two ripmd hashes). However, so much entropy is almost certainly not found in a passphrase, so using more than 128 bits keys will not add security. It must also be added that 128 bits is more than good enough today. 90 bits is the recomended minimum key length. -- Gisle Sælensminde ( gisle@xxxxxxxxx ) With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea. It is hard to be sure where they are going to land, and it could be dangerous sitting under them as they fly overhead. (from RFC 1925) Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
