Encryption cipher used in Red Hat Fedora?

Welly Wu · #1 6th April 2012, 02:43 PM

I installed Red Hat Fedora 16 64 bit GNU/Linux and I set it up to use LVM and to encrypt my Intel 2nd Generation X25-M 160 gigabyte Solid State Drive. I have an ASUS N61JV-X2 notebook PC with Crucial 8 gigabytes dual-channel PC-8500 DDR3 SDRAM. What is the encryption cipher used? I am guessing that it is Advanced Encryption Standard in Cipher Block Chain mode at 256 bits key strength and SHA-512 hash algorithm because it is the industry standard. However, I would like information to confirm this hunch of mine or to tell me precisely what encryption system is used. Please reply if you can tell me my answer. Thank you.

nonamedotc · #2 6th April 2012, 03:18 PM

I know that, as of, Fedora 14 it was AES-128 with SHA 256 hashing. But, I am not sure if that has been changed in Fedora 16 to AES 256/SHA512. I will have to check. Will get back!

---------- Post added at 09:18 AM ---------- Previous post was at 09:16 AM ----------

This is what I found from Fedora 14 Documentation.

Quote:

Fedora's default implementation of LUKS is AES 128 with a SHA256 hashing. Ciphers that are available are:

AES - Advanced Encryption Standard - FIPS PUB 197
Twofish (A 128-bit Block Cipher)
Serpent
cast5 - RFC 2144
cast6 - RFC 2612

It does not seems to have changed in Fedora 15/16. Here is F16 documentation.

Welly Wu · #3 6th April 2012, 03:23 PM

Is there any way for me to check for myself?

When I was using Microsoft Windows 7 Ultimate 64 bit, I enabled BitLocker and BitLocker to Go. I set it to AES-256 with the Elephant Diffuser and I could open up the MS-DOS terminal and type in a command to find out if Bitlocker was turned on and it is enabled and the strength of the cipher.

Can I do the same thing in Red Hat Fedora 16 64 bit GNU/Linux?

---------- Post added at 10:23 AM ---------- Previous post was at 10:19 AM ----------

Damn!

AES 128 bits is still incredibly strong cryptography though.

I used to run Ubuntu 11.10 64 bit GNU/Linux. I downloaded the Alternative Install .ISO and burned it onto a blank CD-R. It allowed me to pick a few ciphers including AES, Blowfish, Serpent and set the cipher strength.

Is there an alternative install .ISO file available for Red Hat Fedora 16 64 bit GNU/Linux?

In other words, is there any way that I can re-install Red Hat Fedora 16 64 bit GNU/Linux and specify the cipher and its strength with the help of a GUI?

Please reply if you can answer my questions.

nonamedotc · #4 6th April 2012, 03:27 PM

During my installations using Fedora DVD, I have not seen any options to specify the cipher and number of bits. I could have missed it, but I do not think so. You can look at the man pages for cryptsetup. But, honestly, I do not know as I have never changed the defaults yet.

Cheers.