Hello everyone, I've been using dm-crypt with twofish-lrw-benbi:ripemd160 for (swap and /tmp) because, if I understand correctly, Twofish is more optimized in the Linux kernel than AES (and therefore faster). I've been thinking of using AES on /home. One thing I don't understand is the term "benbi". Does this have something to do with IV generation?
One last thing. I've heard that LRW will be replaced with XTS. [1] IIRC correctly, the XTS cipher mode isn't in the Linux kernel yet? Also, from what I've read, the problems with LRW boil down to a "traitor tracing" problem, that repeated physical access to a drive is needed, and even then one could theoretically only confirm the presence of a known plaintext. Am I getting this right? [1] http://en.wikipedia.org/wiki/IEEE_P1619#LRW_issue Sincerely, Mansour Moufid -- [email protected] mailing list
