Bug#788227: add 512 bit key-size for AES (XTS-AES)



Package: partman-crypto
Version: 82

This report is to request (with patch) allowing 512 bit key-size when using XTS-AES for disk encryption (via the xts-aes-plain64 cipher). This started as a query to the mailing list (which seems useless, by the way) which is CC'd.

--

On 05/26/2015 02:09 PM, Nathan Schulte wrote:
As it stands, it appears the installer requires you to create a
partition table on the Encrypted Volumes and does not allow using the
entire device alone.  I believe this feature was available in the past,
though I could be mis-recalling.  Either way, I was able to do this in
the past and I'm pretty sure I haven't forgotten anything about what I
did.

After much trial and error, I was able to get this working with a rather simple procedure:

partman (or the step just prior) will detect and list open LUKS devices if set up (manually) before entering the wizard. The display is a bit misleading, as partman shows the encrypted volumes as having a single partition, but in this mode it does not create a partition table as you would have to do should you choose to use the partman wizard to create the encrypted volumes.

On a related note, I believe the partman-crypto part of the partitioner
should allow for selecting 512 bit key sizes, as the default cipher
(aes-xts-plain64) effectively halves the chosen key size.  This ought to
be a straight-forward patch.

This is an extremely simple patch, which is attached. The comment is of interest, however:

    add 512 bit key-size for AES (XTS-AES)

    the aes-xts-plain64 cipher effectively halves the chosen keysize due to
    keysplitting used in the algorithm.  Thus, choosing a 256 bit key-size
    does not lead to AES 256 encryption but AES 128 instead.

    There's probably a better way to convey this to the user, as they'll need
    to be vigilant in order to make use of this.  As well, it may be wise to
    default to 256 bit key-size in the UI, and I believe this change will
    cause the default selection to be 512.

--
Nate
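The key-halving behaviour the report describes (aes-xts-plain64 with a 256 bit key runs AES-128, because XTS splits the supplied key into a data key and a tweak key) is easy to get wrong when reading a bare keysize list like the one in the patched file. The following is an added illustration, not partman-crypto's or the reporter's code: it parses a dm-crypt cipher spec, computes the key size AES actually runs with for each entry of a keysize list, and flags entries the kernel's xts(aes)/AES key-size rules would reject. The validity rule (each key, or each XTS half, must be 128, 192 or 256 bits) is an assumption stated in the code; the keysize list is the one from the patch.

```python
import re

# Valid AES key sizes in bits for the block cipher underneath every mode.
AES_KEY_BITS = (128, 192, 256)


def parse_cipher_spec(spec):
    """Split a dm-crypt cipher spec such as 'aes-xts-plain64' or
    'aes-cbc-essiv:sha256' into (cipher, mode, iv). The IV part is optional."""
    m = re.fullmatch(r"([a-z0-9]+)-([a-z0-9]+)(?:-([a-z0-9:]+))?", spec)
    if m is None:
        raise ValueError("unrecognised cipher spec: %r" % spec)
    return m.group(1), m.group(2), m.group(3)


def effective_aes_bits(mode, key_bits):
    """Key size the AES primitive is actually keyed with.

    XTS splits the supplied key into two equal halves (data key and tweak
    key), so aes-xts with 256 bits is AES-128 and 512 bits is AES-256.
    Every other mode hands the whole key to AES."""
    return key_bits // 2 if mode == "xts" else key_bits


def check_keysizes(spec, keysizes):
    """Return (key_bits, effective_aes_bits, valid) for each candidate size.

    'valid' models the constraint that the key reaching AES must be 128, 192
    or 256 bits; for XTS this is applied to each half (assumption: the halves
    are checked against the ordinary AES sizes, as the kernel's xts(aes) does)."""
    cipher, mode, _iv = parse_cipher_spec(spec)
    if cipher != "aes":
        raise ValueError("only AES is modelled here: %r" % cipher)
    results = []
    for bits in keysizes:
        eff = effective_aes_bits(mode, bits)
        results.append((bits, eff, eff in AES_KEY_BITS))
    return results


def parse_keysize_file(text):
    """Parse the whitespace-separated list used in partman-crypto's keysize file."""
    return [int(tok) for tok in text.split()]


# Constructed input: the keysize list as it reads after the patch.
PATCHED_KEYSIZES = "512 256 192 128"

if __name__ == "__main__":
    for spec in ("aes-xts-plain64", "aes-cbc-essiv:sha256"):
        for bits, eff, ok in check_keysizes(spec, parse_keysize_file(PATCHED_KEYSIZES)):
            print("%-22s key=%3d -> AES-%-3d %s"
                  % (spec, bits, eff, "ok" if ok else "rejected"))
```

Running it shows why a single per-cipher list is awkward: with aes-xts-plain64 only 512 and 256 survive (the 192 and 128 entries halve to sizes AES does not accept), while with a CBC spec 512 is the entry that would be rejected.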
From 5af2b9ccc99a8f1cf3be62ff3faea37f2785a480 Mon Sep 17 00:00:00 2001
From: Nathan Schulte <nmschulte@gmail.com>
Date: Tue, 9 Jun 2015 09:46:53 -0500
Subject: [PATCH] add 512 bit key-size for AES (XTS-AES)

the aes-xts-plain64 cipher effectively halves the chosen keysize due to
keysplitting used in the algorithm.  Thus, choosing a 256 bit key-size
does not lead to AES 256 encryption but AES 128 instead.

There's probably a better way to convey this to the user, as they'll need
to be vigilant in order to make use of this.  As well, it may be wise to
default to 256 bit key-size in the UI, and I believe this change will
cause the default selection to be 512.
---
 ciphers/dm-crypt/aes/keysize | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ciphers/dm-crypt/aes/keysize b/ciphers/dm-crypt/aes/keysize
index ab43da4..be82d8d 100644
--- a/ciphers/dm-crypt/aes/keysize
+++ b/ciphers/dm-crypt/aes/keysize
@@ -1 +1 @@
-256 192 128
+512 256 192 128
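Review bot: putting 512 first in `+512 256 192 128` changes the default selection to 512, which the commit message itself says may not be the intended outcome; the ordering should reflect a decision rather than leave it open, so either keep 256 first (e.g. `256 512 192 128`, if the first entry is what the UI pre-selects) or state in the commit message why 512 is meant to become the default. Also, this list lives in `ciphers/dm-crypt/aes/keysize`, i.e. it appears to be shared by every AES mode/IV choice rather than being specific to XTS: 512 is not a valid key size for a non-XTS AES mode, and for XTS the existing 192 and 128 entries halve to sizes AES does not accept, so it is worth checking whether partman-crypto ties this list to the selected mode before widening it.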
-- 
2.1.4
