From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <400thecat@gmx.ch> Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.server123.net (Postfix) with ESMTPS for ; Mon, 25 Nov 2019 16:17:09 +0100 (CET) Message-ID: <5DDBF073.1050409@gmx.ch> Date: Mon, 25 Nov 2019 16:17:07 +0100 From: Fourhundred Thecat <400thecat@gmx.ch> MIME-Version: 1.0 References: <62fc7ef6-e289-b268-17d5-6ac1df2f3904@gmx.ch> <39693781-1472-1aeb-5005-5141c02c6746@gmx.ch> <4c3b11fc-783c-e58f-681d-7acee12376d7@gmail.com> In-Reply-To: <4c3b11fc-783c-e58f-681d-7acee12376d7@gmail.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [dm-crypt] detached LUKS header size List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Milan Broz , dm-crypt@saout.de > On 2019-11-25 14:55, Milan Broz wrote: Hi Milan, just to make sure there is no misunderstanding: > Then there is alignment, so the real data offset is aligned by default t= o > the 1MB boundary. > > With this padding, header size is for 128bit key 2MB, for 256/512 key 4M= B. I am actually using 512 bit key: --cipher aes-xts-plain64 --key-size 512 --hash sha512 so it would seem I need 4MB header for luks1 with 512 key > Yes. For reference: for 128bit it is 528384 bytes, for 256bit 1052672 > bytes, > for 512bit (2x256bits in XTS mode) it is 2068480 bytes. now I am confused. 2068480 is less than 2MB. So when aligned to 1MB boundary, 2MB would be enough for luks1 with 512 key. So is it 2MB or 4MB ? many thanks,