Hi,
afaik using 256 bit key length with aes-xts-plain results in a 128 bit
aes encryption and a 128 bit XTS key.
128-AES should be secure of course but what difference does the half XTS
key make? According to Wikipedia there is a terabyte limit which might
be lower with 128 and XTS uses two keys which might result in two 64 bit
ones?
Does anyone know which impact it have or know a good source for this? I
haven't found any information which might be interesting for non crypto
experts.
256 is faster but most likely because of the less rounds of AES-128. If
there is no real difference like between AES-256 and AES-128 the
keylength of 256 would make sense for slower cpus.
Thanks in advance
unggnu
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
