List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
I've been using dm-crypt with twofish-lrw-benbi:ripemd160 for (swap
and /tmp) because, if I understand correctly, Twofish is more
optimized in the Linux kernel than AES (and therefore faster). I've
been thinking of using AES on /home.
One thing I don't understand is the term "benbi". Does this have
something to do with IV generation?
One last thing. I've heard that LRW will be replaced with XTS. 
IIRC correctly, the XTS cipher mode isn't in the Linux kernel yet?
Also, from what I've read, the problems with LRW boil down to a
"traitor tracing" problem, that repeated physical access to a drive is
needed, and even then one could theoretically only confirm the
presence of a known plaintext. Am I getting this right?
firstname.lastname@example.org mailing list