Date:      Wed, 25 Jul 2012 12:18:47 -0700
From:      Michael Sierchio
To:        Wojciech Puchar
Subject:   Re: geli - selecting cipher

On Wed, Jul 25, 2012 at 11:57 AM, Wojciech Puchar wrote:
> I need high speed disk encryption (many disks running in parallel, lots of

> I'm not a cryptography expert, is CBC somehow "less secure", and if so is it
> really a problem?

XTS-AES is a standard devised specifically for disk encryption - it
supports operations on sectors that aren't divisible by the cipher
block size.


I personally would be fine with AES-CTR mode, since I don't see the
need to defend against the mythical "strong" adversary who can write
arbitrary bits to unused sectors and then ask to have them decrypted.
AES-CTR doesn't (by itself) have any integrity check.

AES-CBC is fine, but the ciphertext is larger than the plaintext.

- M
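
An added example, not part of the original message and not geli's code: it shows what "no integrity check" means for a counter-mode sector and how a per-sector MAC changes that. Assumptions: SHA-256 stands in for AES as the keystream function so the block runs with the Python standard library only, and the keys, sector number and sector contents are constructed.

```python
import hashlib
import hmac

SECTOR = 512  # bytes per sector (constructed for this example)

def keystream(key: bytes, sector_no: int, length: int) -> bytes:
    """Counter-mode keystream; SHA-256 stands in for AES (assumption)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        ctr = sector_no.to_bytes(8, "big") + block.to_bytes(8, "big")
        out += hashlib.sha256(key + ctr).digest()
        block += 1
    return bytes(out[:length])

def ctr_crypt(key: bytes, sector_no: int, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream (same operation both ways)."""
    ks = keystream(key, sector_no, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(mac_key: bytes, sector_no: int, ct: bytes) -> bytes:
    # Bind the tag to the sector number so sectors cannot be swapped.
    return hmac.new(mac_key, sector_no.to_bytes(8, "big") + ct, hashlib.sha256).digest()

def seal(enc_key, mac_key, sector_no, plaintext):
    """Encrypt-then-MAC: returns (ciphertext, tag) for one sector."""
    ct = ctr_crypt(enc_key, sector_no, plaintext)
    return ct, _tag(mac_key, sector_no, ct)

def open_sealed(enc_key, mac_key, sector_no, ct, tag):
    """Verify the tag before decrypting; raise if the sector was modified."""
    if not hmac.compare_digest(tag, _tag(mac_key, sector_no, ct)):
        raise ValueError("sector %d failed integrity check" % sector_no)
    return ctr_crypt(enc_key, sector_no, ct)

def demo():
    enc_key, mac_key = b"E" * 32, b"M" * 32            # constructed keys
    plain = b"geli test sector".ljust(SECTOR, b"\x00")  # constructed sector
    ct, tag = seal(enc_key, mac_key, 7, plain)
    tampered = bytearray(ct)
    tampered[0] ^= 0x01                                 # one modified ciphertext bit
    tampered = bytes(tampered)
    silent = ctr_crypt(enc_key, 7, tampered)            # counter mode alone: no error
    try:
        open_sealed(enc_key, mac_key, 7, tampered, tag)
        detected = False
    except ValueError:
        detected = True
    return plain, ct, silent, detected
```

The price of detection is the stored tag per sector; geli's `-a` option (data integrity verification) makes the same trade, reducing usable space and speed.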
