Hi All, I am wondering if this is a good idea: encrypt a partition normally with cryptsetup luksFormat (using aes-xts-plain), then luksOpen, mkfs.ext2 format the device mapper device that appears, mount it. Then, create a giant file that fills up the partition. losetup it that file, luksFormat the loop device (using twofish-xts-plain) luksOpen it, mkfs.ext2 format the device mapper device that appears, mount it, and use it... My purpose is that I don't trust AES, but I don't trust twofish enough to be sure it is better than AES. I am paranoid enough that the speed hit is acceptable. Questions: 1) is this the best way to achieve my goal with dm-crypt? 2) is it secure? Or will somehow it cause my data to be less secure than just using one cipher? Or will it somehow defeat the security provided by XTS? (i would assume it becoming less secure in any way is impossible, but i am not a cryptoanalyst, so i don't want to be assuming such things). I know truecrypt has a feature where you specify the cipher as aes-twofish. This is what I wish to achieve, but using dm-crypt. Regards, Sam _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
