I have been working on something and thought I would query here because there are some "sage" users in this forum. Is anyone here running dm-crypt (LUKS) using xts-serpent-essiv ? I don't care at all about other switches or hashes, etc...... just what you experience if you are running this combination on your headers. I understand how debatable this combo is. While I am not too concerned about benchmarks, I suppose getting a picture of this would also assist with the project.
As many here may have guessed XTS and ESSIV don't seem to like each other. It is commonly argued that they accomplish mostly the same thing but go about it differently. For now I am finding that dm-crypt out of the box (using a conventional kernel) puts a user in a place where they can select either one, but not both, within the same header configuration. Serpent is the "hardest" algo of the top contenders for the AES title. I actually understand why it was not selected, but those reasons mostly apply to casual users and mass production stuff. On high end machines I would gladly tradeoff the extra "crunching power needed" for the better security. .02 only. I may follow up on this thread later next week. I am converting a few twofish machines over to serpent with high numeric command switch hash and iterations. Think the benchmarks are going to be awful?
