[Bug 1577619] [NEW] Update default drive encryption to AES-256
kon in
deluh at leeching.net
Tue May 3 02:46:59 UTC 2016
Public bug reported:
Currently, the latest version of Ubuntu encrypts new installations with
AES-256 (512 bits halved). But when you encrypt an external drive using
Ubuntu's default Format+Create LUKS partition once the operating system
is installed, it only encrypts it with AES-128 as far as I can see (256
bits halved). Why is this the case?
I see no reason not to upgrade it to AES-256 and can help protect, to an
extent, future quantum computing attacks where AES-128 would become much
less resilient in comparison.
P.S. Any possibility of OCB (patent-free for GPL) or GCM to be included
in block ciphers in the future (not an expert in this area so correct me
if I am wrong to assume they are going to be better than what we have
now)?
Thank you.
** Affects: cryptsetup (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1577619
Title:
Update default drive encryption to AES-256
Status in cryptsetup package in Ubuntu:
New
Bug description:
Currently, the latest version of Ubuntu encrypts new installations
with AES-256 (512 bits halved). But when you encrypt an external drive
using Ubuntu's default Format+Create LUKS partition once the operating
system is installed, it only encrypts it with AES-128 as far as I can
see (256 bits halved). Why is this the case?
I see no reason not to upgrade it to AES-256 and can help protect, to
an extent, future quantum computing attacks where AES-128 would become
much less resilient in comparison.
P.S. Any possibility of OCB (patent-free for GPL) or GCM to be
included in block ciphers in the future (not an expert in this area so
correct me if I am wrong to assume they are going to be better than
what we have now)?
Thank you.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1577619/+subscriptions
More information about the foundations-bugs
mailing list