If you don't trust AES acceleration hardware, you don't have to use it.
Uninstall the aesni_intel kernel module, etc . You can still use AES.
At the point that you don't trust your Hardware, you're pretty much
entirely fsck'd in any case.
--David
On 2/18/15 1:24 PM, goupille wrote:
> Hi !
>
> we received complaints from a user about the persistence encryption. basically, I don't really know what I'm talking about, so that's a resumee of that user's remarks (without the bad words) :
>
> AES : the fact that moderns hardware are shipping dedicated AES modules is a risk (potentiality of unknown features in those modules). the user proposes to use Serpent instead (which is less subject to that threat)
>
> SHA1 : using SHA1 today is very bad, SHA512 should be the default
>
> keysize: with a keysize of 256 in XTS method the real keysize to factor against is already only 128 (if the everything else in the implementation is robust). he seems to think that AES-128 is not safe at all against a government and doesn't trust so much AES-256. since there is no "significant performance hit", and due to XTS, the default keysize should be 512 bits.
>
> iteration time: it is low for slow systems, and Tails is aimed to work on relatively slow systems it should be increased
>
>
>
> cheers.
>
>
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.
