Moji wrote: > This includes newer ciphers because the more data you encrypt with a single key, > and right now dm-crypt only allows for single keys, the more susceptible your algorithm > is regardless which one you use. Just small note: dm-crypt (kernel part) have one key per mapped segment, you can create as many segments with different keys (even with different algorithms) (imagine simple Logical Volume in LVM split over several areas of disk - the same logic can be used for crypt segments.) Another option is stacking - create several encrypted devices and and map another volume(s) over it (LVM over LUKS is exactly that). Only userspace (cryptsetup) is not able to configure it easily - you have to use dmsetup directly (or stack LVM/MD over several LUKS devices). Milan -- mbroz@xxxxxxxxxx _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
