Public bug reported: Currently, the latest version of Ubuntu encrypts new installations with AES-256 (512 bits halved). But when you encrypt an external drive using Ubuntu's default Format+Create LUKS partition once the operating system is installed, it only encrypts it with AES-128 as far as I can see (256 bits halved). Why is this the case?
I see no reason not to upgrade it to AES-256 and can help protect, to an extent, future quantum computing attacks where AES-128 would become much less resilient in comparison. P.S. Any possibility of OCB (patent-free for GPL) or GCM to be included in block ciphers in the future (not an expert in this area so correct me if I am wrong to assume they are going to be better than what we have now)? Thank you. ** Affects: cryptsetup (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1577619 Title: Update default drive encryption to AES-256 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1577619/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs