[dm-crypt] Efficacy of xts over 1TB

Christoph Anton Mitterer christoph.anton.mitterer at physik.uni-muenchen.de
Mon Jul 26 23:31:56 CEST 2010

On Mon, 2010-07-26 at 23:07 +0200, Arno Wagner wrote:
> > So you guess the the 1TB limit could be actually a "don't have blocks
> > larger than 1TB" limit?!
> Actually, it is the "plain" implementation that causes a 2TB limit 
> because of repeating IVs. XTS has a block size limit, at 2^20 bits, 
> (I think) but it is a recommended limit. As 512 bytes we are well 
> below that :-)
So you mean we have two limits?

1) The limit related to the IVs that we get from "plain" after 32bit 512
byte blocks, or that we would get from plain64 on a Zettabyte device.

2) Another limit, on the maximum block size (which was misconceived as a
maximum filesystem size) that can be securely used which is that 1TB
However we should never hit that one too?!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3387 bytes
Desc: not available
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20100726/904412cb/attachment.bin>

More information about the dm-crypt mailing list