[Whonix-devel] Bug#910249: Bumping up encryption to AES-256 by default
procmem at riseup.net
Thu Oct 4 02:43:48 CEST 2018
> On Wed, Oct 3, 2018 at 6:36 PM procmem <procmem at riseup.net> wrote:
>> Package: gnome-disk-utility
>> Version: all
>> Severity: serious
>> Hi. I noticed Gnome Disks uses AES-128 by default instead of AES-256
>> like Debian does out of the box. Having 256 bit symmetric keys is good
>> practice for long term security especially in a coming era of quantum
>> computers. (Whether they materialize or not is deabatble but why not
>> have a sufficient margin if it's easy enough?) It is also the
>> recommended level by NIST.
> Please report this issue to the GNOME Disks developers:
> From what I can tell, Disks uses udisks2 which uses libblockdev. The
> libblockdev default is 256 bits.
> So I'm not sure if the libblockdev default should be changed or if
> that's something that GNOME Disks is supposed to handle itself.
> Jeremy Bicha
Thanks for pointing me to the code and upstream bugtracker :) I've
opened a ticket on GNOME here:
Feel free to close the ticket here because it's not related to you guys.
More information about the Whonix-devel