public inbox for gentoo-security@lists.gentoo.org
 help / color / mirror / Atom feed
From: Florian Philipp <lists@f_philipp.fastmail.net>
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] Encryption Ciphers
Date: Fri, 29 Feb 2008 18:09:22 +0100	[thread overview]
Message-ID: <1204304962.6725.5.camel@NOTE_GENTOO64.PHHEIMNETZ> (raw)
In-Reply-To: <44a1f4d20802281219y3de6c57bk5f959b141911e463@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1053 bytes --]


On Thu, 2008-02-28 at 15:19 -0500, Mansour Moufid wrote:
> On Thu, Feb 28, 2008 at 1:29 PM, Florian Philipp
> <lists@f_philipp.fastmail.net> wrote:
> >  One last question for everyone who has read this rather long mail (thank
> >  you, btw): What exactly is benbi in aes-lrw-benbi:sha256 and what should
> >  I choose for XTS? The kernel description states plain but essiv and
> >  benbi work as well.
> >
> 
> benbi is an IV generation algorithm. If you look at the dm-crypt
> sources [1], benbi stands for "big-endian 'narrow block'-count" (not
> sure where they got the `i' from...). There's also one called bewbi,
> which I thought was entertaining.
> 
> Sincerely,
> Mansour Moufid
> 
> [1] http://www.cs.fsu.edu/~baker/devices/lxr/http/source/linux/drivers/md/dm-crypt.c#L110

Thanks!

So, am I right to believe that essiv is the best choice and benbi just
some kind of special requirement for lrw or should I stick with what's
recommended (although without reasons given for xts), e.g. cbc-essiv,
lrw-benbi, xts-plain?

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

  reply	other threads:[~2008-02-29 17:10 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-02-27 18:58 [gentoo-security] Encryption Ciphers Florian Philipp
2008-02-28 11:26 ` Daniel Troeder
2008-02-28 15:34 ` Peter Meier
2008-02-28 18:29   ` Florian Philipp
2008-02-28 20:19     ` Mansour Moufid
2008-02-29 17:09       ` Florian Philipp [this message]
2008-03-01  0:48 ` Dan Reidy
2008-03-01  2:37   ` Steffen Schulz
2008-03-01  3:31     ` Mansour Moufid
2008-03-01 10:43       ` Florian Philipp
2008-03-01 11:48         ` Calum
2008-03-01 12:28           ` Florian Philipp
2008-03-02  1:25             ` Danny
2008-03-06 15:30               ` Peter Meier
2008-03-07  7:07                 ` Eckard Brauer
2008-03-07  7:12                   ` [gentoo-security] gentoo-security+unsubscribe@gentoo.org Gianpiero.Tavano
2008-03-07  7:15                     ` Kristian Poul Herkild
2008-03-07 18:02                 ` [gentoo-security] Encryption Ciphers Danny
  -- strict thread matches above, loose matches on Subject: below --
2008-02-28 17:47 bmicek
2008-02-28 18:02 bmicek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1204304962.6725.5.camel@NOTE_GENTOO64.PHHEIMNETZ \
    --to=lists@f_philipp.fastmail.net \
    --cc=gentoo-security@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox