On 9.4.2013 20:08, Mikulas Patocka wrote: > > > On Tue, 26 Mar 2013, Milan Broz wrote: > >> - Are we sure we are not inroducing some another side channel in disc >> encryption? (Unprivileged user can measure timing here). >> (Perhaps stupid reason but please do not prefer performance to security >> in encryption. Enough we have timing attacks for AES implementations...) > > So use serpent - it is implemented without any data-dependent lookup > tables, so it has no timing attacks. I wish using something different than AES is just such simple technical issue for many people. But e.g. just try it in FIPS mode where AES is the only option:-) Anyway, using bio_associate_current() seems to be the right way to try now... Milan -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel