From: Christian Baer
To: freebsd-geom@freebsd.org
Newsgroups: gmane.os.freebsd.devel.geom
Date: Tue, 23 Sep 2008 15:18:04 +0200
Organization: Convenimus Projekt
Subject: Big file systems with geli

Hey there folks!

After reading up a little on encryption modes, I was wondering, how large may a geli-encrypted file system be and still be considered secure?
There are suggestions not to go above 1TB with a single key in XTS mode[1]. geli uses cbc, IIRC, which is a simpler approach. So I was wondering, what size might be safe here. 1TB file systems can even be on single drives (Seagate has 1,5TB drives) and RAIDs could be even bigger. Since ffs can go way beyond that, a hint concerning geli would be nice.

Regards,
Chris

[1] http://en.wikipedia.org/wiki/Disk_encryption_theory#XTS