[Bug 1577619] Re: Update default drive encryption to AES-256
Launchpad Bug Tracker
1577619 at bugs.launchpad.net
Wed Mar 29 14:15:45 UTC 2017
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: cryptsetup (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1577619
Title:
Update default drive encryption to AES-256
Status in cryptsetup package in Ubuntu:
Confirmed
Bug description:
Currently, the latest version of Ubuntu encrypts new installations
with AES-256 (512 bits halved). But when you encrypt an external drive
using Ubuntu's default Format+Create LUKS partition once the operating
system is installed, it only encrypts it with AES-128 as far as I can
see (256 bits halved). Why is this the case?
I see no reason not to upgrade it to AES-256 and can help protect, to
an extent, future quantum computing attacks where AES-128 would become
much less resilient in comparison.
P.S. Any possibility of OCB (patent-free for GPL) or GCM to be
included in block ciphers in the future (not an expert in this area so
correct me if I am wrong to assume they are going to be better than
what we have now)?
Thank you.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1577619/+subscriptions
More information about the foundations-bugs
mailing list