Date: Sun, 26 Sep 2010 18:51:27 +0200 From: =?UTF-8?Q?I=C3=B1igo_Ortiz_de_Urbina?= <inigoortizdeurbina@gmail.com> To: Pawel Jakub Dawidek <pjd@freebsd.org>, freebsd-current@freebsd.org, freebsd-security@freebsd.org Subject: Re: Recent GELI additions. Message-ID: <AANLkTikOXybj1Bu5ToNd-gtj4W7uwr4c71QRqe%2Bx8ku6@mail.gmail.com> In-Reply-To: <20100925174929.GD47356@garage.freebsd.pl> References: <20100925174929.GD47356@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Indeed, truly impressive work. geli makes encryption a bliss :) Thank you very much pjd@! On 9/25/10, Pawel Jakub Dawidek <pjd@freebsd.org> wrote: > Hi. > > I'd like to inform about three new features in GELI available in HEAD: > > 1. AES-XTS encryption. XTS mode is a standard that is recommended these > days for storage encryption. This is the default now. AES-XTS support > was also added to opencrypto framework and aesni(4) driver. > > 2. Multiple encryption keys. GELI will use one encryption key for at > most 2^20 blocks (sectors), as it is not recommended to use the same > encryption key for too much data. It generates keys array from the > master key on attach and uses it accordingly. This is the default now. > > 3. Passphrase can now be loaded from a file (-J and -j options). > > -- > Pawel Jakub Dawidek http://www.wheelsystems.com > pjd@FreeBSD.org http://www.FreeBSD.org > FreeBSD committer Am I Evil? Yes, I Am! >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTikOXybj1Bu5ToNd-gtj4W7uwr4c71QRqe%2Bx8ku6>