Date: Sat, 25 Sep 2010 19:49:29 +0200 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: freebsd-current@FreeBSD.org Cc: freebsd-security@FreeBSD.org Subject: Recent GELI additions. Message-ID: <20100925174929.GD47356@garage.freebsd.pl>
next in thread | raw e-mail | index | archive | help
--yH1ZJFh+qWm+VodA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi. I'd like to inform about three new features in GELI available in HEAD: 1. AES-XTS encryption. XTS mode is a standard that is recommended these days for storage encryption. This is the default now. AES-XTS support was also added to opencrypto framework and aesni(4) driver. 2. Multiple encryption keys. GELI will use one encryption key for at most 2^20 blocks (sectors), as it is not recommended to use the same encryption key for too much data. It generates keys array from the master key on attach and uses it accordingly. This is the default now. 3. Passphrase can now be loaded from a file (-J and -j options). --=20 Pawel Jakub Dawidek http://www.wheelsystems.com pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --yH1ZJFh+qWm+VodA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkyeNikACgkQForvXbEpPzSRywCggPV06cuFcVEFfS+NwIwestc0 BiAAoJVb7VGXo3XHPFEBWZnJIIZ1kfOQ =7Tge -----END PGP SIGNATURE----- --yH1ZJFh+qWm+VodA--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100925174929.GD47356>