Tor uses swap?

Gregory Maxwell gmaxwell at
Tue Jan 4 17:29:57 UTC 2011

On Tue, Jan 4, 2011 at 12:11 PM, Steve Crook <steve at> wrote:
> On Tue, Jan 04, 2011 at 10:13:00AM -0500, Gregory Maxwell wrote:
>> swap /dev/sda9 /dev/urandom swap,cipher=aes-lrw-plain,size=256
> Same solution as I use but with slightly different options.  Mine are:
> cipher=aes-cbc-essiv:sha256,size=256,hash=sha256,swap
> The example on
> suggests no options other than 'swap'.

Our commands differ in the chaining and IV selection mode.  Mine
should be a fair bit faster. Both should provide adequate security.
The LRW mode I'm suggesting wasn't added to the kernel until a few
years after essiv support, which explains the prevalence of essiv in

I'm not sure what the defaults are if no parameters are specified. I'd
be concerned that it may use plain CBC, which is vulnerable to
watermarking attacks[1].

To unsubscribe, send an e-mail to majordomo at with
unsubscribe or-talk    in the body.

More information about the tor-talk mailing list