rsnel@xxxxxxxxxxxxxxx wrote:
You need to pass aes-lrw-benbi as cipher mode (as said in Kconfig). You should get LRW-32-AES encryption that way (as defined in http://grouper.ieee.org/groups/1619/email/pdf00017.pdf) (benbi is a lot like plain, but plain is a little endian sector (512 bytes) count, and benbi is a bigendian cipherblock count).
ah, ok, thanks.
LRW is no IEEE1619 candidate anymore because it is very weak if you encrypt the encryption key itself, see: http://grouper.ieee.org/groups/1619/email/msg01150.html
so If I don't put the encryption key on the encrypted volume I will be fine? is there any alternative to LRW that is better from a security point of view? the other candidates are not implemented yet for linux as far as I know. Thanks! Regards, Andreas --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
