Deprecating crypto algorithms in the kernel

Conrad Meyer cem at freebsd.org
Tue May 7 20:46:35 UTC 2019


On Tue, May 7, 2019 at 1:37 PM Warner Losh <imp at bsdimp.com> wrote:
> This freaked me out when I saw it, since I have GELI volumes going back
> about a decade. However, checking into it showed no cause for concern.
>
> The default was changed in this commit:
>
>     pjd | Thu Sep 23 11:58:36 2010 +0000 | r213070
>     Add support for AES-XTS. This will be the default now.
>
> All my GELI volumes are AES-XTS (though some pre-date this change, I may
> have converted somehow along the way). Camellia support was added in 2007,
> and that's not on the chopping block, but wasn't made the default.
>
> So all GELI volumes created in the last 8 years aren't affected (plus or
> minus for time to get into a release) and even older ones likely are still
> supported. So I expect the practical impact of this to be minimal.

Prior to AES-XTS, the default was "aes" (some non-XTS AES mode), since
geli was initially committed in 2005.  So all GELI volumes created,
ever, that did not explicitly override the default encryption
algorithm with a weak cipher should be using some AES-based encryption
mode.  None of those are on the chopping block, or even trending
towards deprecation.

Best,
Conrad
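As an added illustration (not part of this thread, and not FreeBSD project code), a small shell audit that reads `geli list` output and classifies each attached provider by its encryption algorithm, so an administrator can confirm the claim above against their own volumes. It assumes `geli list` prints a `Geom name:` line followed by an `EncryptionAlgorithm:` line per provider; the sample output embedded below is constructed, not captured from a real system.

```shell
#!/bin/sh
# Audit attached GELI providers by encryption algorithm.
# Assumption: `geli list` prints, per provider, "Geom name: <geom>"
# followed by "EncryptionAlgorithm: <algo>" (verify on your release).

# classify_ealgo ALGO -> "aes" (any AES-based mode, incl. the old "aes"
# default and AES-XTS), "camellia", or "review" for anything else.
classify_ealgo() {
    case "$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')" in
        AES*)      echo aes ;;
        CAMELLIA*) echo camellia ;;
        *)         echo review ;;
    esac
}

# audit_geli_list: reads `geli list`-style text on stdin, prints one
# line per provider: "<geom> <algo> <class>"
audit_geli_list() {
    awk '
        /^Geom name:/            { geom = $3 }
        /^EncryptionAlgorithm:/  { print geom, $2 }
    ' | while read -r geom algo; do
        printf '%s %s %s\n' "$geom" "$algo" "$(classify_ealgo "$algo")"
    done
}

# count_review: number of providers whose algorithm needs a second look
count_review() {
    audit_geli_list | awk '$3 == "review" { n++ } END { print n + 0 }'
}

# Constructed sample in `geli list` style (not from a real machine).
SAMPLE='Geom name: ada0p2.eli
State: ACTIVE
EncryptionAlgorithm: AES-XTS
KeyLength: 256
Geom name: ada1p1.eli
State: ACTIVE
EncryptionAlgorithm: Blowfish-CBC
KeyLength: 128
'

if [ "${1:-}" = "--live" ]; then
    geli list | audit_geli_list          # audit the running system
else
    printf '%s' "$SAMPLE" | audit_geli_list
fi
```

Run with `--live` on a FreeBSD host to audit the attached providers; any line ending in `review` is a volume whose algorithm is neither AES-based nor Camellia.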


More information about the freebsd-arch mailing list