[dm-crypt] Switch to XTS mode for LUKS in cryptsetup in 1.6.0 (Was Re: [ANNOUNCE] cryptsetup 1.6.0-rc1)

Milan Broz gmazyland at gmail.com
Sat Jan 5 19:25:52 CET 2013


On 01/05/2013 06:20 PM, Arno Wagner wrote:

> What does RHEL use and recommend? Do they always use
> AES256-XTS or is AES128-XTS offered as an option (not when
> douing this manually via commandline). I think there would
> be some benefit to have the same defauls in distro-independent
> cryptsetup.

- Encrypted disk installation is using AES-XTS with 512bit key.
(installer overwrites default. But I know there was no
real discussion about AES18/256 before this was changed.)
Installed (anaconda) doesn't allow default cipher/key size change
but allows to "reuse" existing LUKS device.

- compiled-in cryptsetup default is the same as upstream (CBC with ESSIV)
(RHEL7 will use XTS as default, I would like to see the same
default as upstream.)
(This was mainly for compatibility reasons but now even RHEL5 can
map XTS LUKS discs.)

- RHEL in FIPS mode (dmcrypt/LUKS module is still not validated though)
allows CBC (only with ESSIV) and XTS with AES128/192/256

Well, I can get more info from independent people here internally.

My current opinion is to use aes-xts-plain64 with 256bit key
(IOW use AES128) as independent default for LUKS.

Milan


More information about the dm-crypt mailing list