128 _verified_ - Xts-aes

XTS-AES (XEX-based Tweaked-codebook mode with ciphertext Stealing using AES) is a block cipher mode of operation specifically designed for encrypting data on storage devices. Its most common instantiation, , uses the Advanced Encryption Standard with a 128-bit key size. Unlike streaming modes (e.g., CTR, GCM) or other block modes (e.g., CBC), XTS is tailored to address the unique threats and performance requirements of sector-based storage (hard drives, SSDs, USB flash drives).

It is the mandated encryption mode for standards such as (for storage device encryption) and is widely used in: xts-aes 128

| Feature | XTS-AES | CBC (Cipher Block Chaining) | GCM (Galois/Counter Mode) | | :--- | :--- | :--- | :--- | | | Disk/Storage Encryption | File/Network Streams | Network Traffic (High Speed) | | Parallelization | Yes (Encrypt/Decrypt) | Decrypt only | Yes (Encrypt/Decrypt) | | Padding | Not needed (uses stealing) | Required | Not needed (stream style) | | Integrity Check | No | No | Yes (Built-in Auth) | It is the mandated encryption mode for standards

: XTS-AES 128 is highly optimized for modern CPUs. It often utilizes hardware acceleration (like Intel AES-NI) to ensure that the encryption process does not noticeably slow down disk read/write speeds. Wikipedia +2 Implementation in Major Systems XTS-AES 128 is the "out-of-the-box" choice for several major data protection features: System Feature Name Usage Windows BitLocker Default encryption method for OS and fixed data drives since Windows 10 (version 1511). macOS FileVault 2 Uses full XTS-AES 128 encryption to secure the entire startup volume. 128-bit vs. 256-bit: Which is Better? While many administrators consider upgrading to XTS-AES 256 for higher security, XTS-AES 128 remains the standard for most consumer and enterprise environments. Patch My PC 11 sites Configure BitLocker | Microsoft Learn Jul 29, 2025 — macOS FileVault 2 Uses full XTS-AES 128 encryption

Understanding XTS-AES 128: The Standard for Modern Data Protection