The issue with separately encrypted physical volumes is that one needs
to type in passphrases for each volume, or resorting to storing keys
somewhere (I don't like stored keys, they might get stolen along with
the encrypted data), or hacking some ugly scripts to reuse passphrases.
I am not sure but why don't create random salts for each volume part and
encrypt them with the hash of the password + salt. The salt could be
saved with the volume part so no extra storage or technique is needed.
There also wouldn't be any volume limit.
Btw. there really doesn't seem to be much information available about
XTS in general or the implications if a 128 bit key (256 MK bits) is
used for XTS.
Greetings
unggnu
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
