On Sun, Sep 13, 2009 at 09:46:23PM +0200, Christian Pernegger wrote: > Hi all, > > I've recently finished setting up our new file server, whose largest > filesystem is 2.5TB in size; ext3 on dm-crypt (aes-256-xts) on lvm on > md-raid5. The setup seems fine, but googling for an unrelated > performance problem brought to light some disconcerting news: > > 1) xts becomes more insecure the larger the encrypted volume is and is > thus not recommended for volumes >1TB. Great. How bad is this in my > case on a "makes cracking the encryption easier in theory" -- "any > scriptkiddie can do it in 5 seconds" scale? Likely in the "makes breaking it a few millions cheaper but leaves plenty" class. Also, you need to think about what your attacker model is. For example: If they cannot walk out with the disks, will transferring 2.5TB over the net be noticed? > 2) Something about *-plain being 32 bit only and thus limited to 2TB. > What happens to data over 2TB? Less secure, not encrypted at all, kiss > it goodbye? No idea. I would assume a sane implementation that reports an error on access attempts past the limit, but worst case is a wrap-around and overwrite of data at the beginning. > I can't recreate the mapping with different settings easily, since > I've already copied the data over and dismantled the old server but of > course everything depends on how bad this is ... Well, you can always use your backup procedure to move the data off and put it back on under new encryption. You do have backup, right? Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt