Mailing List Archive

Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256?
Hi,

I found many guides on harddisk encryption with cryptsetup-LUKS but none of them clarifies if it makes sense to use a hash-function (like sha256) with xts-plain. I would appreciate any hint.

Best,
Jehovah
--
Psst! Geheimtipp: Online Games kostenlos spielen bei den GMX Free Games!
http://games.entertainment.gmx.net/de/entertainment/games/free
--
gentoo-security@lists.gentoo.org mailing list
Re: Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256? [ In reply to ]
Hi again,

am I mistaken to assume that there are only 3 correct combinations?

anycipher-cbc-essiv:sha256
anycipher-lrw-benbi
anycipher-xts-plain

I've found a mailinglist-post stating that it's also possible to use anycipher-xts-benbi. Are there any security-advantages using this?

Best,
Jehova
--
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/?mc=sv_ext_mf@gmx
--
gentoo-security@lists.gentoo.org mailing list
Re: Cryptsetup-LUKS: cryptsetup -c anycipher-xts-plain:sha256 or not :sha256? [ In reply to ]
jehovah@wir-sind-cool.org wrote:
> Hi,
>
> I found many guides on harddisk encryption with cryptsetup-LUKS but none of them clarifies if it makes sense to use a hash-function (like sha256) with xts-plain. I would appreciate any hint.
>
> Best,
> Jehovah
>
There are two wikipedia articles which explain disk encryption theory in
general:

http://en.wikipedia.org/wiki/Disk_encryption_theory
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

The latter is particularly good and illustrates the problem with naive
ECB mode using pictures.

I hope this helps

--Tony

--
gentoo-security@lists.gentoo.org mailing list