GUI: Encryption: I suggest renaming

Postings relating to old VirtualBox pre-releases
Post Reply
Technologov
Volunteer
Posts: 3342
Joined: 10. May 2007, 16:59
Location: Israel

GUI: Encryption: I suggest renaming

Post by Technologov »

Instead of "AES-XTS256-PLAIN64" let's try something simpler, eh?

Like:
"AES256" and "AES128". Simple !
aeichner
Oracle Corporation
Posts: 193
Joined: 31. Aug 2007, 19:12

Re: GUI: Encryption Cipher string is so complex...

Post by aeichner »

I have to disagree here. The cipher name might look complex at first but your suggestion is far too vague in my opinion. The current naming specifies the used cryptographic algorithm, mode and initialization vector completely which I think is more important for this kind of feature than a simple name.
Technologov
Volunteer
Posts: 3342
Joined: 10. May 2007, 16:59
Location: Israel

Re: GUI: Encryption Cipher string is so complex...

Post by Technologov »

Specifics, eh? Why not add hashing and amount of rings?
AES-XTS256-PLAIN64-16RINGS-SHA256 anyone? (@_@)

Cisco IOS ? They use simple names. AES-128, AES-256, DES, 3DES.

Truecrypt ?
Only 3 options:
AES, Twofish, Serpent.

AES is always 256-bit, they don't even ask. (there is no AES-128 option)
And Truecrypt containers are way more secure than VirtualBox is. +has two-factor auth, with keyfile.
Note, that if Truecrypt being encryption-focused software can get away with short names, there is no justification for VirtualBox to super-complicate things.

So no, more complexity in UI is bad idea, You can put full algo name in user-manual, if you _really_ want. For users, "AES-256" is enough.
BTW: If performance is similar, leaving only AES-256 may be even better for simplicity, calling it simply "AES".

VirtualBox doesn't need to be sainter than Pope (TrueCrypt).
Technologov
Volunteer
Posts: 3342
Joined: 10. May 2007, 16:59
Location: Israel

Re: GUI: Encryption: I suggest renaming

Post by Technologov »

I suggest renaming.
sej7278
Volunteer
Posts: 1003
Joined: 5. Sep 2008, 14:40
Primary OS: Debian other
VBox Version: PUEL
Guest OSses: Solaris, Linux, Windows, OS/2, MacOSX, FreeBSD
Contact:

Re: GUI: Encryption: I suggest renaming

Post by sej7278 »

i assume its the dm-crypt/luks format they're using so really they should be listing the flags including the hash algo:

cryptsetup --cipher aes-xts-plain64 --key-size 256 --hash sha1

so really aes-xts-plain64-256-sha1 would be more accurate.

its misleading to just call it "aes-256", when it comes to encryption you have to be exact, its not good enough to dumb it down.
Technologov
Volunteer
Posts: 3342
Joined: 10. May 2007, 16:59
Location: Israel

Re: GUI: Encryption: I suggest renaming

Post by Technologov »

It is fine to dumb it down in the GUI, as long as the documentation explains it properly.
I have already written a bit about SHA hash earlier.
Post Reply