Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Dan Reidy <dubkat@...>
Subject: Re: Encryption Ciphers
Date: Fri, 29 Feb 2008 19:48:57 -0500
On Wednesday 27 February 2008 01:58:11 pm Florian Philipp wrote:
> Hi!
>
> I just did some benchmarking on different ciphers for cryptsetup-luks
> and now I've got some questions:
>
> 1. Is it a valid way to benchmark by using "time dd if=/dev/zero
> of=/dev/mapper/cryptmapping -bs=1M"? The results seem to match other
> benchmarks but I just want to be sure.
>
> 2. I've tested every (sensible) cipher with 64, 128, 256 and 320bits
> keysize (if supported). Apparently I can choose between:
>
> Blowfish 64-256bit
> Twofish 128-256bit
> AES 128-256bit
> Anubis 128-320bit

I've never done any benchmarks myself, however a few years back I did read 
up on which crytpo engine would be best for a large hard disk or partition. 
I do remember clearly that there is a bug in AES's block cyper that causes 
it to repeat keys on large disks/partitions. This "feature" could make it 
easier for your key to be cracked. I personally use Twofish 256 with 
SHA256, ive never tried any other hash method. I also use Serpent on my 
swap, for no other reason than to try something different - and it's a cool 
name. (flame on!).

I tried to find that link that explains that AES flaw, but to no avail. 
Maybe you'll have better luck if it's something that concerns you.

ps. i am obviously no expert in cryptology - take my comments with a grain 
of salt.


-- 
 -==========================================-

    Avoid the Gates of Hell. Use Linux.
      The choice of a GNU Generation.

   Daniel J Reidy       RipeID:  DJR9-RIPE
   dubkat@...    GPG Key: 0x36833401
             http://sigterm.us/

 -==========================================-
Attachment:
signature.asc (This is a digitally signed message part.)
Replies:
Re: Encryption Ciphers
-- Steffen Schulz
References:
Encryption Ciphers
-- Florian Philipp
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Encryption Ciphers
Next by thread:
Re: Encryption Ciphers
Previous by date:
Re: Encryption Ciphers
Next by date:
Re: Encryption Ciphers gentoo-security@g.o


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.