Hi,
I think it's good time to use XTS for filesystem encryption since RedHat
already does so in rhel5/6.
Looks like cryptsetup -c aes-xts-plain64 -s 512 is their standard for
filesystem encryption during system install.
1) d-i kernel needs to support: CONFIG_CRYPTO_XTS and CONFIG_CRYPTO_GF128MUL
Alberto napsal(a):
> *Zdenek Kaspar* wrote:
>> IMO it's not good to hide any changes in crypto from the user.
>
> I agree with you.
>
>> Even doubling the key without further notice. Maybe some
>> hint/help/screen option to explain XTS-based mode.
>
>
Hi, just few comments..
Max Vozeler napsal(a):
Hi Alberto,
On Tue, May 20, 2008 at 08:41:19PM +0200, Alberto wrote:
Please add aes-lrw-benbi and aes-xts-plain to the list of available
mode of operation. XTS is the upcoming standard.
Thanks for the suggestion. I think offering those modes
in
3 matches
Mail list logo
