[Bug 1577619] Re: Update default drive encryption to AES-256

Launchpad Bug Tracker 1577619 at bugs.launchpad.net
Wed Mar 29 14:15:45 UTC 2017


Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: cryptsetup (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1577619

Title:
  Update default drive encryption to AES-256

Status in cryptsetup package in Ubuntu:
  Confirmed

Bug description:
  Currently, the latest version of Ubuntu encrypts new installations
  with AES-256 (512 bits halved). But when you encrypt an external drive
  using Ubuntu's default Format+Create LUKS partition once the operating
  system is installed, it only encrypts it with AES-128 as far as I can
  see (256 bits halved). Why is this the case?

  I see no reason not to upgrade it to AES-256 and can help protect, to
  an extent, future quantum computing attacks where AES-128 would become
  much less resilient in comparison.

  P.S. Any possibility of OCB (patent-free for GPL) or GCM to be
  included in block ciphers in the future (not an expert in this area so
  correct me if I am wrong to assume they are going to be better than
  what we have now)?

  Thank you.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1577619/+subscriptions



More information about the foundations-bugs mailing list