From: Florian Philipp <lists@f_philipp.fastmail.net>
To: gentoo-security@lists.gentoo.org
Subject: Re: [gentoo-security] Encryption Ciphers
Date: Fri, 29 Feb 2008 18:09:22 +0100 [thread overview]
Message-ID: <1204304962.6725.5.camel@NOTE_GENTOO64.PHHEIMNETZ> (raw)
In-Reply-To: <44a1f4d20802281219y3de6c57bk5f959b141911e463@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1053 bytes --]
On Thu, 2008-02-28 at 15:19 -0500, Mansour Moufid wrote:
> On Thu, Feb 28, 2008 at 1:29 PM, Florian Philipp
> <lists@f_philipp.fastmail.net> wrote:
> > One last question for everyone who has read this rather long mail (thank
> > you, btw): What exactly is benbi in aes-lrw-benbi:sha256 and what should
> > I choose for XTS? The kernel description states plain but essiv and
> > benbi work as well.
> >
>
> benbi is an IV generation algorithm. If you look at the dm-crypt
> sources [1], benbi stands for "big-endian 'narrow block'-count" (not
> sure where they got the `i' from...). There's also one called bewbi,
> which I thought was entertaining.
>
> Sincerely,
> Mansour Moufid
>
> [1] http://www.cs.fsu.edu/~baker/devices/lxr/http/source/linux/drivers/md/dm-crypt.c#L110
Thanks!
So, am I right to believe that essiv is the best choice and benbi just
some kind of special requirement for lrw or should I stick with what's
recommended (although without reasons given for xts), e.g. cbc-essiv,
lrw-benbi, xts-plain?
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2008-02-29 17:10 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-27 18:58 [gentoo-security] Encryption Ciphers Florian Philipp
2008-02-28 11:26 ` Daniel Troeder
2008-02-28 15:34 ` Peter Meier
2008-02-28 18:29 ` Florian Philipp
2008-02-28 20:19 ` Mansour Moufid
2008-02-29 17:09 ` Florian Philipp [this message]
2008-03-01 0:48 ` Dan Reidy
2008-03-01 2:37 ` Steffen Schulz
2008-03-01 3:31 ` Mansour Moufid
2008-03-01 10:43 ` Florian Philipp
2008-03-01 11:48 ` Calum
2008-03-01 12:28 ` Florian Philipp
2008-03-02 1:25 ` Danny
2008-03-06 15:30 ` Peter Meier
2008-03-07 7:07 ` Eckard Brauer
2008-03-07 7:12 ` [gentoo-security] gentoo-security+unsubscribe@gentoo.org Gianpiero.Tavano
2008-03-07 7:15 ` Kristian Poul Herkild
2008-03-07 18:02 ` [gentoo-security] Encryption Ciphers Danny
-- strict thread matches above, loose matches on Subject: below --
2008-02-28 17:47 bmicek
2008-02-28 18:02 bmicek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1204304962.6725.5.camel@NOTE_GENTOO64.PHHEIMNETZ \
--to=lists@f_philipp.fastmail.net \
--cc=gentoo-security@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox