On Tue, 28 Jun 2005 16:15:38 -0400, Gregory Maxwell <[EMAIL PROTECTED]> said:
> On 6/28/05, Hubert Chan <[EMAIL PROTECTED]> wrote: >> > Isn't dm-crypt the new way of doing this? Yes and no. dm-crypt is >> recommended over cryptoloop. But there is also loop-AES, which is >> more secure (in some modes) than dm-crypt (currently). > There is now support for both LRW-AES and ESSIV in the mainstream > kernel. With ESSIV the security should be the same as loop-aes and > with LRW-AES potentially better. Thanks for the info. I haven't look into the kernel for a little while -- I'm still using a slightly older version. > For the highest security you should also use the LUKS cryptosetup > because it provides hardening for passwords. -- Hubert Chan <[EMAIL PROTECTED]> - http://www.uhoreg.ca/ PGP/GnuPG key: 1024D/124B61FA Fingerprint: 96C5 012F 5F74 A5F7 1FF7 5291 AF29 C719 124B 61FA Key available at wwwkeys.pgp.net. Encrypted e-mail preferred.