On Thu, Jul 15, 2010 at 9:32 AM, markus reichelt wrote:
>
> * james hughes <hugh...@mac.com> wrote:
>
> > If there is no room for or an integrity field, you can look at
> > XTS-AES.
> > http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf
>
> A not so well-known statement of said PDF certainly is the following,
> especially in light of today's storage device capacities:
>
> "The length of the data unit for any instance of an implementation of
> XTS-AES shall not exceed 2^20 AES blocks."

Remember that a 'data unit' as described in IEEE Std 1619-2007 is analogous to a hard disk's 'sector' or 'logical block' (which is usually fixed at 512 or 4096 bytes), so in practice this limitation is not an issue, since you can just use more sectors to encrypt more of your data under the same key.

--
Cheers,
Matt Ball
Chair, IEEE P1619 Security in Storage Working Group
Cell: 303-717-2717
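Added example, not part of the original message: a Python sketch of the point above, in which each sector is its own XTS-AES data unit under one key and the 2^20-block limit is checked per data unit rather than per volume. It assumes the `cryptography` package, a constructed sample key, and the sector index encoded little-endian as the tweak; the function names are hypothetical.

```python
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

AES_BLOCK = 16                                  # bytes per AES block
MAX_UNIT_BLOCKS = 2 ** 20                       # SP 800-38E limit per data unit
MAX_UNIT_BYTES = MAX_UNIT_BLOCKS * AES_BLOCK    # 16 MiB
SAMPLE_KEY = bytes(range(64))                   # constructed AES-256-XTS key, demo only


def check_data_unit(sector_size: int) -> int:
    """Return the AES blocks in one data unit, or raise if XTS cannot use it."""
    if sector_size < AES_BLOCK:
        raise ValueError("a data unit needs at least one full AES block")
    if sector_size > MAX_UNIT_BYTES:
        raise ValueError("data unit exceeds 2^20 AES blocks")
    return -(-sector_size // AES_BLOCK)         # ceiling division


def xts_sector(key: bytes, sector_no: int, data: bytes, encrypt: bool) -> bytes:
    """Process one data unit; the tweak is the sector index (assumption)."""
    tweak = sector_no.to_bytes(16, "little")
    cipher = Cipher(algorithms.AES(key), modes.XTS(tweak))
    op = cipher.encryptor() if encrypt else cipher.decryptor()
    return op.update(data) + op.finalize()


def process_volume(key: bytes, data: bytes, sector_size: int, encrypt: bool) -> bytes:
    """Encrypt or decrypt a whole volume sector by sector under one key."""
    check_data_unit(sector_size)
    if len(data) % sector_size:
        raise ValueError("volume length must be a multiple of the sector size")
    return b"".join(
        xts_sector(key, off // sector_size, data[off:off + sector_size], encrypt)
        for off in range(0, len(data), sector_size)
    )


def encrypt_volume(key: bytes, plaintext: bytes, sector_size: int = 512) -> bytes:
    return process_volume(key, plaintext, sector_size, True)


def decrypt_volume(key: bytes, ciphertext: bytes, sector_size: int = 512) -> bytes:
    return process_volume(key, ciphertext, sector_size, False)
```

A 512-byte sector is 32 AES blocks and a 4096-byte sector is 256, so both sit far below the 2^20-block ceiling regardless of how many sectors the device holds.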