TIL the French government may have broken encryption on a LUKS-encrypted laptop with a “greater than 20 character” password in April 2023.
When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.
The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.
And they also link to Matthew Garrett’s article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.
https://unix.stackexchange.com/questions/260533/how-to-determine-what-encryption-is-being-used-a-luks-partition
Use these methods to see which version of LUKS your volume is using. Make sure you are using version 2 or higher.
afaik LUKS1 is fine. And AES is fine.
What matters is which KDF is used in your luks slots (which hold your AES master encryption key)