On Mon, 2010-07-26 at 02:14 +0200, Milan Broz wrote: > Imagine that someone today has LUKS device of >2TB and data on it. Switch > to full 64 bit "plain" IV will change IV for all sectors above 2TB limit. > I think users prefer read data from there instead of random noise:-) Are you really sure?! ;) ... would be a nice /dev/random alternative or so ^^ > So question is if XTS is ok for such large drives - the 1TB mentioned limit > elsewhere is possible misinterpretation (block size/device size confusion?). > > (... real answer must come from an expert in cryptography based on proper analysis.) So you guess the the 1TB limit could be actually a "don't have blocks larger than 1TB" limit?! > Anyway, distro maintainer can set default using configure switch already > --with-luks1-mode=xts (see also other switches). > > So if you want to switch default in Debian, no problem:-) I seem to have rather bad luck in moving cryptsetup things at distro level... ;) Cheers, Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
