[dm-crypt] security: improve defaults

Sitaram Chamarty sitaramc at gmail.com
Sat Jan 3 09:19:00 CET 2015

On 01/03/2015 11:30 AM, Arno Wagner wrote:
> On Sat, Jan 03, 2015 at 00:18:21 CET, Christian Stadelmann wrote:

>> cipher: aes-cbc-essiv (default in plain mode)
>> There are known attacs against aes-cbc-essiv which lead to using aes-xts
>> as default cipher in LUKS mode. Is there any reason why it should not be
>> used in plain mode?
> Simple: Backwards compatibility. As plain mode does not
> have a header, this would break old uses. Anybody that wants
> it can already use XTS.

seconded; I rely on this -- please don't change this :-)

Christian: anyone who is using dm-crypt in plain mode *already* knows
what he is doing.  If they don't, they should not be using plain mode.
There is no need for you or me to worry about them, in my opinion.

More information about the dm-crypt mailing list