[Bug 1263740] [NEW] 12.04.4 alternate installer encryption should default to aes-xts-plain64

[Marc Deslauriers]

*** This bug is a security vulnerability ***

Public security bug reported:

12.04 LUKS encryption in the installer defaulted to CBC. We should
switch 12.04.4 to aes-xts-plain64 as in 12.10 and above.

See:
http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/

** Affects: partman-crypto (Ubuntu)
     Importance: Undecided
     Assignee: Dimitri John Ledkov (xnox)
         Status: Fix Released

** Affects: partman-crypto (Ubuntu Precise)
     Importance: Undecided
     Assignee: Dimitri John Ledkov (xnox)
         Status: New

** Changed in: ubiquity (Ubuntu)
     Assignee: (unassigned) => Dimitri John Ledkov (xnox)

** Also affects: ubiquity (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Changed in: ubiquity (Ubuntu)
       Status: New => Fix Released

** Changed in: ubiquity (Ubuntu Precise)
    Milestone: None => ubuntu-12.04.4

** Changed in: ubiquity (Ubuntu Precise)
     Assignee: (unassigned) => Dimitri John Ledkov (xnox)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1263740

Title:
  12.04.4 alternate installer encryption should default to aes-xts-
  plain64

Status in “partman-crypto” package in Ubuntu:
  Fix Released
Status in “partman-crypto” source package in Precise:
  New

Bug description:
  12.04 LUKS encryption in the installer defaulted to CBC. We should
  switch 12.04.4 to aes-xts-plain64 as in 12.10 and above.

  See:
  http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/partman-crypto/+bug/1263740/+subscriptions