Message-ID: <4C4C4192.60908@redhat.com>
Date: Sun, 25 Jul 2010 15:52:18 +0200
From: Milan Broz
References: <20100725103458.GA26486@tansi.org> <4C4C2D3C.40306@redhat.com> <1280063664.3309.119.camel@fermat.scientia.net>
In-Reply-To: <1280063664.3309.119.camel@fermat.scientia.net>
Subject: Re: [dm-crypt] Efficacy of xts over 1TB
To: Christoph Anton Mitterer
Cc: dm-crypt@saout.de

On 07/25/2010 03:14 PM, Christoph Anton Mitterer wrote:

> 1) What's the maximum size a partition can (securely) have with plain64?

Not talking about encryption mode security, just about the plain IV:
plain64 is just a 64bit unsigned value (512b sector number with optional initial offset),
sectors are also 64bit, so the limit is the same as the maximum block device in Linux currently.

> 2) Is plain64 slower than the normal plain? If not,... and even
> if,.. wouldn't it be better to let "plain" be what currently "plain64"
> is and to add a e.g. "plain32" or so, which people can use if they really
> know what they're doing?

It is not slower (plain uses 64bit too but with masking 32bits out, I guess
this is some cryptoloop legacy).

The plain64 discussion was already on this list - we cannot change plain because
of backward compatibility.
(Imagine an old 4TB LUKS device ("plain" iv mode in header) - after this
change everything above 2TB is garbage.)

I prefer to keep a small open problem here (only a few such systems in fact)
to destroying users' data for sure.
(I can add a warning/hint to the cryptsetup binary if using a large device.)

Default modes in cryptsetup now use essiv:sha256 (no problem here).
Mainly for backward compatibility (best compatible/safe mode, e.g.
RHEL/CentOS5 do not have XTS yet), otherwise I personally prefer XTS mode:-)

You have to set -c cipher-mode-plain manually, I expect you know what you are
doing then.

> 3) In any case,.. this should go in the FAQ, Arno, can you add this
> please?

Yes, I thought it is already there...

Milan
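
Added example (not part of the message above and not dm-crypt source code): a C sketch of the two IV generators under discussion, showing that "plain" and "plain64" produce the same IV below sector 2^32 and different IVs above it, which is why redefining "plain" would make data above 2TB on an existing device undecryptable. The function names are hypothetical; a 16-byte IV filled little-endian and no initial offset are assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IV_SIZE 16           /* assumed: AES block-sized IV */
#define SECTOR_SIZE 512ULL   /* IV sector unit named in the message */

/* Store the low nbytes of v little-endian; the rest of the IV stays zero. */
static void fill_iv(uint8_t iv[IV_SIZE], uint64_t v, int nbytes)
{
    memset(iv, 0, IV_SIZE);
    for (int i = 0; i < nbytes; i++)
        iv[i] = (uint8_t)(v >> (8 * i));
}

/* "plain": 64-bit sector number with the upper 32 bits masked out. */
void plain_iv(uint8_t iv[IV_SIZE], uint64_t sector)
{
    fill_iv(iv, sector & 0xffffffffULL, 4);
}

/* "plain64": the full 64-bit sector number. */
void plain64_iv(uint8_t iv[IV_SIZE], uint64_t sector)
{
    fill_iv(iv, sector, 8);
}

/* 1 if a sector would still decrypt correctly after swapping the generators. */
int ivs_match(uint64_t sector)
{
    uint8_t a[IV_SIZE], b[IV_SIZE];
    plain_iv(a, sector);
    plain64_iv(b, sector);
    return memcmp(a, b, IV_SIZE) == 0;
}

/* 1 if the device has sectors past the 32-bit counter (the warning/hint case). */
int plain_wraps_on_device(uint64_t size_bytes)
{
    return size_bytes / SECTOR_SIZE > (1ULL << 32);
}

int main(void)
{
    uint64_t sizes[] = { 1ULL << 40, 2ULL << 40, 4ULL << 40 }; /* 1, 2, 4 TiB */
    for (int i = 0; i < 3; i++)
        printf("%llu TiB: plain IV wraps = %d\n",
               (unsigned long long)(sizes[i] >> 40), plain_wraps_on_device(sizes[i]));
    printf("sector 2^32+5 same IV in both modes: %d\n", ivs_match((1ULL << 32) + 5));
    return 0;
}
```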