OpenSSL in Python: Disk and File Ciphering
AES-XTS
Not all encryption is created equal. While most people are familiar with AES encryption, few understand why your encrypted hard drive uses a special variant called AES-XTS (XEX-based Tweaked CodeBook mode with CipherText Stealing). Here, we explore what makes XTS suited to securing files and disks.
Why Ordinary Encryption Fails for Disks
Imagine you’re encrypting an entire hard drive with standard AES-CBC mode. Every time you save a small file or update a few bytes, the entire encryption block would need to be rewritten. This would be incredibly inefficient and wear out your storage media quickly. Even worse, if two disk sectors contained identical data (like zeros), they would encrypt to identical ciphertext, revealing patterns that attackers could exploit.
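The two problems described above can be measured directly. The following is an added example, not code from the original article; it assumes the Python `cryptography` package (which wraps OpenSSL), a 512-byte sector, a naive CBC setup that reuses one IV for every sector, and an XTS tweak equal to the sector number encoded as 16 little-endian bytes.

```python
import os
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

SECTOR = 512  # bytes per sector (assumed for this example)
BLOCK = 16    # AES block size in bytes

def cbc_encrypt(key, iv, data):
    enc = Cipher(algorithms.AES(key), modes.CBC(iv)).encryptor()
    return enc.update(data) + enc.finalize()

def xts_cipher(key, sector_no):
    # Assumption: the tweak is the sector number as 16 little-endian bytes.
    return Cipher(algorithms.AES(key), modes.XTS(sector_no.to_bytes(16, "little")))

def xts_encrypt(key, sector_no, data):
    enc = xts_cipher(key, sector_no).encryptor()
    return enc.update(data) + enc.finalize()

def xts_decrypt(key, sector_no, data):
    dec = xts_cipher(key, sector_no).decryptor()
    return dec.update(data) + dec.finalize()

def changed_blocks(a, b):
    """Number of 16-byte blocks that differ between two equal-length buffers."""
    return sum(a[i:i + BLOCK] != b[i:i + BLOCK] for i in range(0, len(a), BLOCK))

def demo():
    cbc_key, iv = os.urandom(32), os.urandom(16)  # one IV reused for every sector
    xts_key = os.urandom(64)                      # AES-256-XTS: two 256-bit keys
    zeros = bytes(SECTOR)                         # constructed all-zero sector
    edited = b"\x01" + zeros[1:]                  # same sector, first byte changed
    cbc0 = cbc_encrypt(cbc_key, iv, zeros)        # "sector 0"
    cbc1 = cbc_encrypt(cbc_key, iv, zeros)        # "sector 1"
    xts0 = xts_encrypt(xts_key, 0, zeros)
    xts1 = xts_encrypt(xts_key, 1, zeros)
    return {
        "cbc_identical": cbc0 == cbc1,
        "xts_identical": xts0 == xts1,
        "cbc_blocks_changed": changed_blocks(cbc0, cbc_encrypt(cbc_key, iv, edited)),
        "xts_blocks_changed": changed_blocks(xts0, xts_encrypt(xts_key, 0, edited)),
        "xts_sector1_roundtrip": xts_decrypt(xts_key, 1, xts1) == zeros,
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Within one sector XTS is still deterministic: the same plaintext at the same sector number always gives the same ciphertext, and the mode provides no integrity check.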