Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: Security

Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256?

  

 
Gentoo security RSS feed   Index | Next | Previous | View Threaded


jehovah at wir-sind-cool

Mar 15, 2008, 5:38 AM

Post #1 of 3 (2218 views)
Permalink
Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256?
Hi,

I found many guides on harddisk encryption with cryptsetup-LUKS but none of them clarifies if it makes sense to use a hash-function (like sha256) with xts-plain. I would appreciate any hint.

Best,
Jehovah
--
Psst! Geheimtipp: Online Games kostenlos spielen bei den GMX Free Games!
http://games.entertainment.gmx.net/de/entertainment/games/free
--
gentoo-security[at]lists.gentoo.org mailing list


jehovah at wir-sind-cool

Mar 15, 2008, 8:54 AM

Post #2 of 3 (2103 views)
Permalink
Re: Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256? [In reply to]
Hi again,

am I mistaken to assume that there are only 3 correct combinations?

anycipher-cbc-essiv:sha256
anycipher-lrw-benbi
anycipher-xts-plain

I've found a mailinglist-post stating that it's also possible to use anycipher-xts-benbi. Are there any security-advantages using this?

Best,
Jehova
--
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/?mc=sv_ext_mf[at]gmx
--
gentoo-security[at]lists.gentoo.org mailing list


dante at virtualblueness

Mar 16, 2008, 6:15 AM

Post #3 of 3 (2104 views)
Permalink
Re: Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256? [In reply to]
jehovah[at]wir-sind-cool.org wrote:
> Hi,
>
> I found many guides on harddisk encryption with cryptsetup-LUKS but none of them clarifies if it makes sense to use a hash-function (like sha256) with xts-plain. I would appreciate any hint.
>
> Best,
> Jehovah
>
There are two wikipedia articles which explain disk encryption theory in
general:

http://en.wikipedia.org/wiki/Disk_encryption_theory
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

The latter is particularly good and illustrates the problem with naive
ECB mode using pictures.

I hope this helps

--Tony

--
gentoo-security[at]lists.gentoo.org mailing list

Gentoo security RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.