Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Jul 2012 22:24:40 +0200 (CEST)
From:      Wojciech Puchar <>
To:        Fabian Keil <>
Subject:   Re: geli - selecting cipher
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <> <juropu$hvb$> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
> Saying that geli's CBC implementation "is good enough" for someone
> seems to imply that it's somehow worse than XTS in general. Could you

true. i still don't really understand the difference.

I don't need actually anything other that inability to read data from my 
disk for a potential thief.

> The rationale of the change isn't clear to me either.
> Until recently I wasn't aware of the performance impact, though.

It is huge 5-8 times depending if you have hardware acceleration or not. 
AES-CBC is fast enough so encrypting SSD drives make sense.

Want to link to this message? Use this URL: <>