[Whonix-devel] Bug#910249: Bumping up encryption to AES-256 by default

• Previous message (by thread): [Whonix-devel] Bug#910249: Bumping up encryption to AES-256 by default
• Next message (by thread): [Whonix-devel] [Oracle VM VirtualBox] #17987: VirtualBox 5.2.18 vulnerable to spectre/meltdown despite microcode being installed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jeremy Bicha:
> On Wed, Oct 3, 2018 at 6:36 PM procmem <procmem at riseup.net> wrote:
>> Package: gnome-disk-utility
>> Version: all
>> Severity: serious
>>
>> Hi. I noticed Gnome Disks uses AES-128 by default instead of AES-256
>> like Debian does out of the box. Having 256 bit symmetric keys is good
>> practice for long term security especially in a coming era of quantum
>> computers. (Whether they materialize or not is deabatble but why not
>> have a sufficient margin if it's easy enough?) It is also the
>> recommended level by NIST.
> 
> Please report this issue to the GNOME Disks developers:
> https://gitlab.gnome.org/GNOME/gnome-disk-utility/issues
> 
> From what I can tell, Disks uses udisks2 which uses libblockdev. The
> libblockdev default is 256 bits.
> 
> https://github.com/storaged-project/libblockdev/blob/master/src/plugins/crypto.h#L39
> 
> So I'm not sure if the libblockdev default should be changed or if
> that's something that GNOME Disks is supposed to handle itself.
> 
> Thanks,
> Jeremy Bicha
> 

Thanks for pointing me to the code and upstream bugtracker :) I've
opened a ticket on GNOME here:

https://gitlab.gnome.org/GNOME/gnome-disk-utility/issues/103

Feel free to close the ticket here because it's not related to you guys.

• Previous message (by thread): [Whonix-devel] Bug#910249: Bumping up encryption to AES-256 by default
• Next message (by thread): [Whonix-devel] [Oracle VM VirtualBox] #17987: VirtualBox 5.2.18 vulnerable to spectre/meltdown despite microcode being installed
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]