geli - selecting cipher
Ivan Voras
ivoras at freebsd.org
Thu Jul 26 15:47:27 UTC 2012
On 26/07/2012 04:14, RW wrote:
> I asked a similar questions to the OPs in the geom list and didn't get
> an answer. Geli doesn't need or isn't using any advantages of XTS. And
> CBC in geli is actually equivalent to ESSIV (see the previously linked
> wikipedia page).
Hi,
You didn't get an answer because in security, the answer depends on
exact circumstances of use. The short answer is that if you don't have a
specific adversary you need to protect your data from, I'd say that
GELI's CBC is good enough for you.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20120726/b5b9da23/signature.pgp
More information about the freebsd-questions
mailing list