diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index a56bca85..6d8931cf 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -1589,7 +1589,7 @@ int luksFormat(struct crypt_device **r_cd, struct crypt_keyslot_context **r_kc)
 			goto out;
 	}
 
-	keysize = get_adjusted_key_size(cipher_mode, ARG_UINT32(OPT_KEY_SIZE_ID),
+	keysize = get_adjusted_key_size(cipher, cipher_mode, ARG_UINT32(OPT_KEY_SIZE_ID),
 					DEFAULT_LUKS1_KEYBITS, integrity_keysize);
 
 	if (ARG_SET(OPT_HW_OPAL_ONLY_ID))
diff --git a/src/utils_luks.c b/src/utils_luks.c
index 3e611aaa..e9a29890 100644
--- a/src/utils_luks.c
+++ b/src/utils_luks.c
@@ -139,11 +139,11 @@ int set_tries_tty(bool keyring)
 	return (tools_is_stdin(ARG_STR(OPT_KEY_FILE_ID)) && isatty(STDIN_FILENO)) ? ARG_UINT32(OPT_TRIES_ID) : 1;
 }
 
-int get_adjusted_key_size(const char *cipher_mode, uint32_t keysize_bits,
+int get_adjusted_key_size(const char *cipher, const char *cipher_mode, uint32_t keysize_bits,
 			  uint32_t default_size_bits, int integrity_keysize)
 {
 #if ENABLE_LUKS_ADJUST_XTS_KEYSIZE
-	if (!keysize_bits && !strncmp(cipher_mode, "xts-", 4)) {
+	if (!keysize_bits && (!strncmp(cipher_mode, "xts-", 4) || !strncmp(cipher, "capi:xts(", 9))) {
 		if (default_size_bits == 128)
 			keysize_bits = 256;
 		else if (default_size_bits == 256)
diff --git a/src/utils_luks.h b/src/utils_luks.h
index 61aebec9..17da08a6 100644
--- a/src/utils_luks.h
+++ b/src/utils_luks.h
@@ -27,7 +27,7 @@ int set_pbkdf_params(struct crypt_device *cd, const char *dev_type);
 
 int set_tries_tty(bool keyring);
 
-int get_adjusted_key_size(const char *cipher_mode, uint32_t keysize_bits,
+int get_adjusted_key_size(const char *cipher, const char *cipher_mode, uint32_t keysize_bits,
 			  uint32_t default_size_bits, int integrity_keysize);
 
 int luksFormat(struct crypt_device **r_cd, struct crypt_keyslot_context **r_kc);
diff --git a/src/utils_reencrypt.c b/src/utils_reencrypt.c
index 77f31c9a..da624afc 100644
--- a/src/utils_reencrypt.c
+++ b/src/utils_reencrypt.c
@@ -1910,7 +1910,7 @@ static int reencrypt_luks2_init(struct crypt_device *cd, const char *data_device
 			new_key_size = ARG_UINT32(OPT_NEW_KEY_SIZE_ID);
 
 		if (new_key_size || new_cipher)
-			new_key_size = get_adjusted_key_size(mode, new_key_size,
+			new_key_size = get_adjusted_key_size(cipher, mode, new_key_size,
 							 DEFAULT_LUKS1_KEYBITS, 0);
 		else
 			new_key_size = key_size;