Cipher-Modus (EN)

Architecture

A cipher mode is the combination of an encryption algorithm and an operating mode that determines how the data is encrypted. With LUKS, this mode is set when initializing the partition and affects both the security and performance of the encryption. The recommended mode for maximum performance is aes-xts-plain64 with a key length of at least 256 bits, which uses modern CPU support like AES-NI. The choice of cipher mode has direct implications for system performance and the security of the encrypted data.

Data Flow

flowchart LR   A[Plaintext] --> B[Initialization Vector IV]   B --> C[Encryption Algorithm]   C --> D[Cipher Mode Operating Mode]   D --> E[Encrypted Data] 

In Context

• Typically used together with LUKS, dm-crypt and full disk encryption
• Related to: AES, XTS, ECB, CBC, GCM, LUKS, dm-crypt
• Example use: Disk encryption, container encryption, file system encryption