Re: Switch to XTS mode for LUKS in cryptsetup in 1.6.0 (Was Re: [ANNOUNCE] cryptsetup 1.6.0-rc1)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 01/04/13 12:50, Milan Broz wrote:
> On 12/29/2012 10:40 PM, Milan Broz wrote:
>> The testing release candidate cryptsetup 1.6.0-rc1 is available at
>>
>>    http://code.google.com/p/cryptsetup/
>>
>> Feedback and bug reports are welcomed.
>>
>> Cryptsetup 1.6.0 Release Notes (RC1)
>
> I am going to do one more important change to final 1.6.0:
> change LUKS _default_ cipher to aes-xts-plain64 with 512bits key.
512bits Key?
>
> Most of recent disk encryption systems switched already to XTS mode,
> also it is preferred by standards (and we are using it for very long
> time in Fedora/RHEL during installations.)
>
> Distro maintainers can always overwrite this during compilation time,
> and user can use -c aes-cbc-essiv:sha256 -s 256 to old mode always.
You mean 256bits, don't you?

-
Ralf
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux