http://bugzilla.novell.com/show_bug.cgi?id=534644 Summary: Use aes-xts-plain instead of aes-cbc-essiv for hard disk encryption Classification: openSUSE Product: openSUSE 11.2 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Critical Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: bitdealer@gmail.com QAContact: qa@suse.de Found By: --- Please set the default to be used for encrypted partitions to aes-xts-plain instead of aes-cbc-essiv because aes-xts-plain is an improvement to the old aes-cbc-essiv that avoids watermark attacks besides other stuff. By now it is used for some time so there is no reason to stick with the outdated, less secure stuff. Also please increase the key size to 512 ("-s 512"). -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.