Bug#482092: XTS and LRW mode of operation
Alberto napsal(a):
> *Zdenek Kaspar* wrote:
>> IMO it's not good to hide any changes in crypto from the user.
>
> I agree with you.
>
>> Even doubling the key without further notice. Maybe some
>> hint/help/screen option to explain XTS-based mode.
>
> At least in meantime (and before of lenny release) why don't
> offer only few and safe predefined options?
>
>> I don't see any advantages here. XTS is claimed as more secure..
>> But still both modes have kernel status = EXPERIMENTAL. Therefore CBC
>> should stay as "less-secure/more-stable" default option for the system
>> encryption.
>
> Also in 2.6.26 (and .27)?
>
Both options are EXPERIMENTAL:
CRYPTO_GF128MUL for almost 2 years and CRYPTO_XTS for 1 year.
As you mentioned in your next mail it would be nice to pickup some
predefined options with XTS for ppl who want to use it..
Reply to: