On 01/04/13 12:50, Milan Broz wrote: > On 12/29/2012 10:40 PM, Milan Broz wrote: >> The testing release candidate cryptsetup 1.6.0-rc1 is available at >> >> http://code.google.com/p/cryptsetup/ >> >> Feedback and bug reports are welcomed. >> >> Cryptsetup 1.6.0 Release Notes (RC1) > > I am going to do one more important change to final 1.6.0: > change LUKS _default_ cipher to aes-xts-plain64 with 512bits key. 512bits Key? > > Most of recent disk encryption systems switched already to XTS mode, > also it is preferred by standards (and we are using it for very long > time in Fedora/RHEL during installations.) > > Distro maintainers can always overwrite this during compilation time, > and user can use -c aes-cbc-essiv:sha256 -s 256 to old mode always. You mean 256bits, don't you? - Ralf _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
