Well, the paper also says that: "Use of a single cryptographic key for more than a few hundred terabytes of data opens possibility of attacks, as described in D.4.3. The limitation on the size of data encrypted with a single key is not unique to this standard. It comes directly from the fact that AES has a block size of 128 bits and is not mitigated by using AES with a 256-bit key."
So it might not be a unique problem for XTS but anything using AES with 128 bit blocks? The entire partition should also be filled with randomized data before encryption. -- support AES-XTS mode https://bugs.launchpad.net/bugs/244480 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs