Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Recent GELI additions.

4 views

Skip to first unread message

Pawel Jakub Dawidek

unread,

Sep 25, 2010, 1:49:29 PM9/25/10

Hi.

I'd like to inform about three new features in GELI available in HEAD:

1. AES-XTS encryption. XTS mode is a standard that is recommended these
days for storage encryption. This is the default now. AES-XTS support
was also added to opencrypto framework and aesni(4) driver.

2. Multiple encryption keys. GELI will use one encryption key for at
most 2^20 blocks (sectors), as it is not recommended to use the same
encryption key for too much data. It generates keys array from the
master key on attach and uses it accordingly. This is the default now.

3. Passphrase can now be loaded from a file (-J and -j options).

--
Pawel Jakub Dawidek http://www.wheelsystems.com
p...@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!

Iñigo Ortiz de Urbina

unread,

Sep 26, 2010, 12:51:27 PM9/26/10

Indeed, truly impressive work. geli makes encryption a bliss :)

Thank you very much pjd@!

_______________________________________________
freebsd-...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-securi...@freebsd.org"

0 new messages