-
-
Notifications
You must be signed in to change notification settings - Fork 31
AES-XTS VFS #167
Copy link
Copy link
Closed
Labels
enhancementNew feature or requestNew feature or request
Description
Metadata
Metadata
Assignees
Labels
enhancementNew feature or requestNew feature or request
When I was going through a crypto review as part of internal corporate processes, the reviewers found the crypto in Adiantum a bit too new-fangled. Nothing inherently wrong, just not on a pre-vetted list.
As such, it was suggested that I use AES-XTS and key generation via PBKDF2 instead of Argon2id. My XTS VFS implementation is not highly differentiated from the Adiantum VFS, except perhaps that it only imports
x/crypto.Are you interested in an XTS VFS PR (with
internal/util.AssertErradded)?See https://github.com/fido-device-onboard/go-fdo/blob/main/sqlite/xts/xts.go