Hey. Coming back (from vacation ;-) and back) on this and since 4.18 is out in the meantime: >2) Use new native AEAD algorithms with 128bit nonces (in kernel 4.18 >and later) >(aegis128,aegis256,aegis128l,morus640,morus1280), for example > > "--cipher aegis128-random --key-size 128 --integrity aead" or > "--cipher aegis256-random --key-size 256 --integrity aead" or < "--cipher morus640-random --key-size 128 --integrity aead" ... 1) Should these work by now with the current cryptsetup? Or will one require 2.1? 2a) AFAIU, AEGIS will always have either key-sizes of 128 or 256 bit, right? I'm also assuming that larger key size will give a better security margin,right? But what's the 128L? 2b) And MORUS will have either 640 bit for the internal state with "only" 128 bit keys... OR... the 1280 bit internal state with either 128 or 256 bit keys, right? Again, I'm assuming that larger internal state and larger key size will give a better security margin, right? 3) Is there any comparison (in terms of security) between AEGIS and MORUS? Thanks, Chris. _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx https://www.saout.de/mailman/listinfo/dm-crypt
