[dm-crypt] LUKS encryption standards

Milan Broz mbroz at redhat.com
Wed Feb 29 20:24:06 CET 2012

On 02/29/2012 05:23 PM, Bennett, Justin wrote:
> I’d like to use the LUKS-based encryption that is available during
> the installation of RHEL 5 (the OS we’ll be using going forward) but
> I need to know some specific information regarding the encryption
> standards that are met by LUKS. Specifically, the customer requires
> that the encryption meet the standards set forth by the United States
> Dept. of Commerce in FIPS-140-2
> (http://en.wikipedia.org/wiki/FIPS_140-2).


As you already found, RHEL5 has no FIPS certified module for disk
volume encryption.

For RHEL6, there is such module in validation process
(based on LUKS/cryptsetup/dm-crypt).

But anyway, this is really question for Red Hat support channel.

> I’m wondering if someone can tell me whether the current cryptsetup
> or dm-crypt offerings support this or not. I tried looking through a
> list of validated cryptographic modules kept by the NIST, but I
> didn’t have any luck.

Also check modules in process page.


More information about the dm-crypt mailing list