Bug#482092: XTS and LRW mode of operation - Debian

This is a discussion on Bug#482092: XTS and LRW mode of operation - Debian ; *Zdenek Kaspar* wrote: > IMO it's not good to hide any changes in crypto from the user. I agree with you. > Even doubling the key without further notice. Maybe some > hint/help/screen option to explain XTS-based mode. At least ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Bug#482092: XTS and LRW mode of operation

  1. Bug#482092: XTS and LRW mode of operation

    *Zdenek Kaspar* wrote:
    > IMO it's not good to hide any changes in crypto from the user.


    I agree with you.

    > Even doubling the key without further notice. Maybe some
    > hint/help/screen option to explain XTS-based mode.


    At least in meantime (and before of lenny release) why don't
    offer only few and safe predefined options?

    > I don't see any advantages here. XTS is claimed as more secure..
    > But still both modes have kernel status = EXPERIMENTAL. Therefore CBC
    > should stay as "less-secure/more-stable" default option for the system
    > encryption.


    Also in 2.6.26 (and .27)?

    --
    Alberto



  2. Bug#482092: XTS and LRW mode of operation

    Alberto napsal(a):
    > *Zdenek Kaspar* wrote:
    >> IMO it's not good to hide any changes in crypto from the user.

    >
    > I agree with you.
    >
    >> Even doubling the key without further notice. Maybe some
    >> hint/help/screen option to explain XTS-based mode.

    >
    > At least in meantime (and before of lenny release) why don't
    > offer only few and safe predefined options?
    >
    >> I don't see any advantages here. XTS is claimed as more secure..
    >> But still both modes have kernel status = EXPERIMENTAL. Therefore CBC
    >> should stay as "less-secure/more-stable" default option for the system
    >> encryption.

    >
    > Also in 2.6.26 (and .27)?
    >


    Both options are EXPERIMENTAL:
    CRYPTO_GF128MUL for almost 2 years and CRYPTO_XTS for 1 year.

    As you mentioned in your next mail it would be nice to pickup some
    predefined options with XTS for ppl who want to use it..



    --
    To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread