Instead of "AES-XTS256-PLAIN64" let's try something simpler, eh?
Like:
"AES256" and "AES128". Simple !
GUI: Encryption: I suggest renaming
-
- Volunteer
- Posts: 3342
- Joined: 10. May 2007, 16:59
- Location: Israel
Re: GUI: Encryption Cipher string is so complex...
I have to disagree here. The cipher name might look complex at first but your suggestion is far too vague in my opinion. The current naming specifies the used cryptographic algorithm, mode and initialization vector completely which I think is more important for this kind of feature than a simple name.
-
- Volunteer
- Posts: 3342
- Joined: 10. May 2007, 16:59
- Location: Israel
Re: GUI: Encryption Cipher string is so complex...
Specifics, eh? Why not add hashing and amount of rings?
AES-XTS256-PLAIN64-16RINGS-SHA256 anyone? (@_@)
Cisco IOS ? They use simple names. AES-128, AES-256, DES, 3DES.
Truecrypt ?
Only 3 options:
AES, Twofish, Serpent.
AES is always 256-bit, they don't even ask. (there is no AES-128 option)
And Truecrypt containers are way more secure than VirtualBox is. +has two-factor auth, with keyfile.
Note, that if Truecrypt being encryption-focused software can get away with short names, there is no justification for VirtualBox to super-complicate things.
So no, more complexity in UI is bad idea, You can put full algo name in user-manual, if you _really_ want. For users, "AES-256" is enough.
BTW: If performance is similar, leaving only AES-256 may be even better for simplicity, calling it simply "AES".
VirtualBox doesn't need to be sainter than Pope (TrueCrypt).
AES-XTS256-PLAIN64-16RINGS-SHA256 anyone? (@_@)
Cisco IOS ? They use simple names. AES-128, AES-256, DES, 3DES.
Truecrypt ?
Only 3 options:
AES, Twofish, Serpent.
AES is always 256-bit, they don't even ask. (there is no AES-128 option)
And Truecrypt containers are way more secure than VirtualBox is. +has two-factor auth, with keyfile.
Note, that if Truecrypt being encryption-focused software can get away with short names, there is no justification for VirtualBox to super-complicate things.
So no, more complexity in UI is bad idea, You can put full algo name in user-manual, if you _really_ want. For users, "AES-256" is enough.
BTW: If performance is similar, leaving only AES-256 may be even better for simplicity, calling it simply "AES".
VirtualBox doesn't need to be sainter than Pope (TrueCrypt).
-
- Volunteer
- Posts: 3342
- Joined: 10. May 2007, 16:59
- Location: Israel
Re: GUI: Encryption: I suggest renaming
I suggest renaming.
-
- Volunteer
- Posts: 1003
- Joined: 5. Sep 2008, 14:40
- Primary OS: Debian other
- VBox Version: PUEL
- Guest OSses: Solaris, Linux, Windows, OS/2, MacOSX, FreeBSD
- Contact:
Re: GUI: Encryption: I suggest renaming
i assume its the dm-crypt/luks format they're using so really they should be listing the flags including the hash algo:
cryptsetup --cipher aes-xts-plain64 --key-size 256 --hash sha1
so really aes-xts-plain64-256-sha1 would be more accurate.
its misleading to just call it "aes-256", when it comes to encryption you have to be exact, its not good enough to dumb it down.
cryptsetup --cipher aes-xts-plain64 --key-size 256 --hash sha1
so really aes-xts-plain64-256-sha1 would be more accurate.
its misleading to just call it "aes-256", when it comes to encryption you have to be exact, its not good enough to dumb it down.
-
- Volunteer
- Posts: 3342
- Joined: 10. May 2007, 16:59
- Location: Israel
Re: GUI: Encryption: I suggest renaming
It is fine to dumb it down in the GUI, as long as the documentation explains it properly.
I have already written a bit about SHA hash earlier.
I have already written a bit about SHA hash earlier.