On 26/07/2012 04:14, RW wrote: > I asked a similar questions to the OPs in the geom list and didn't get > an answer. Geli doesn't need or isn't using any advantages of XTS. And > CBC in geli is actually equivalent to ESSIV (see the previously linked > wikipedia page).
Hi, You didn't get an answer because in security, the answer depends on exact circumstances of use. The short answer is that if you don't have a specific adversary you need to protect your data from, I'd say that GELI's CBC is good enough for you.
signature.asc
Description: OpenPGP digital signature
