From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <xxiao8@fosiao.com>
Received: from sender163-mail.zoho.com (sender163-mail.zoho.com
 [74.201.84.163])
 (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.server123.net (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Thu, 29 Oct 2015 23:44:07 +0100 (CET)
From: xxiao8 <xxiao8@fosiao.com>
Message-ID: <56329DAA.7020403@fosiao.com>
Date: Thu, 29 Oct 2015 17:28:58 -0500
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [dm-crypt] cryptsetup from aes-cbc to aes-xts
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

I had a one liner change in my cryptsetup script (see below), as long as 
the key-file is the same, I can keep using the content on the 
hard-drive, which is a surprise to me. Doesn't switch-to-aes-xts-plain64 
mandate a reformat of the hard drive? am I missing something?


Changing from
cryptsetup -v -c "aes-cbc-essiv:sha256" --key-size 256 --key-file 
/etc/keys/sda1.key luksFormat --use-random /dev/sda1

to
cryptsetup -v -c "aes-xts-plain64" --hash sha256 --key-size 512 
--key-file /etc/keys/sda1.key luksFormat --use-random /dev/sda1

Thanks for your help,

xxiao