Discussion:
FreeOTFE, why cbc?
(too old to reply)
lurker
2009-05-08 14:55:31 UTC
Permalink
i read tc switched from cbc for security reasons. i am curious why my
fav cipher only uses cbc when its been said to be less secure?
is any sec iv more secure than others?
thanks for any input or advice.
nemo_outis
2009-05-08 15:51:19 UTC
Permalink
Post by lurker
i read tc switched from cbc for security reasons. i am curious why my
fav cipher only uses cbc when its been said to be less secure?
is any sec iv more secure than others?
thanks for any input or advice.
A good introductory description of the weaknesses of CBC mode (and
responses to it) can be found here:

Disk encryption theory
http://en.wikipedia.org/wiki/Disk_encryption_theory

Regards,
Sarah Dean
2009-05-08 18:20:33 UTC
Permalink
Post by lurker
i read tc switched from cbc for security reasons. i am curious why my
fav cipher only uses cbc when its been said to be less secure?
is any sec iv more secure than others?
thanks for any input or advice.
FreeOTFE only uses CBC if the user *explicitly* selects it.

By default, FreeOTFE uses XTS (specifically, XTS-AES-256 - the IEEE
standard for disk encryption). If your favourite cypher is less secure, you
might want to reconsider your choice of favourite cypher.

For the vast majority of users though, the cypher mode is unlikely to make
any real difference - with modern cyphers, the weakest link in the chain is
generally not the encryption system.
lurker
2009-05-10 23:31:19 UTC
Permalink
thanks for the response and freeotfe, im switching from tc. :) i think
serpent is more secure. but was curious if using it with cbc would make
it more likely broke than if it used xts..
thanks

Loading...