On Wed, 28 Mar 2012 19:00:04 -0400, simple w8 <[email protected]> wrote:
Something is not right, Free-OTFE says is does support xts but its not being able to mount the partitions encrypted in Mageia, what can be the cause?
We're using --cipher aes-xts-benbi --key-size 512. As per http://www.ody.ca/~dwhodgins/Luks-Howto.html#Changelog this was suggested to me several years ago, and is what I've been using since then.
You may see the FreeOTFE supported cypher modes here: http://www.freeotfe.org/docs/Main/Linux_volumes.htm
I wasn't aware luks encrypted volumes could be opened by anything else, or I would have considered that when suggesting the cipher change. I don't think using the benbi initial vector generation algorithm (64 bit) instead of the plain (32 bit) algorithm makes much of a difference, in terms of security. It was just the cbc mode that I was concerned with. Can you modify /usr/lib/libDrakX/fs/dmcrypt.pm to use aes-xts-plain (line 68), create an encrypted volume, and test it with freeotfe? If that works, open a bug report and request the change. Regards, Dave Hodgins
