Sometimes it is hard to find in this list…
668 | Open Source Software Institute Administrative Office P.O. Box 547 Oxford, MS 38655 USA
-John Weathersby TEL: 601-427-0152 FAX: 601-427-0156
| OpenSSL FIPS Object Module Library
Version 1.1.2 | Intel Pentium 4 w/ SUSE Linux 10.2 | 12/17/2007 | ECB(e/d; 128,192,256); CBC(e/d; 128,192,256); CFB8(e/d; 128,192,256); CFB128(e/d; 128,192,256) )
"The OpenSSL FIPS Cryptographic Module is a validated source code component of the standard OpenSSL distribution that can be downloaded from the http://openssl.org/ website." |
V/R, Wm. Cerniuk
Ph: 703.594.7616
On May 6, 2010, at 3:22 PM, Wm. Cerniuk wrote: ALCON: Have been chatting with the Mocana folks.
Their base price is 40Kish per product you produce or they negotiate a percent of sales if it makes sense. You get the full code base and a years worth of support and revisions. There is a support option to continue at a lesser rate each year.
What is interesting about them is that their solution is developed for the embedded market. Very tight, very lean code. It also seems well supported from the feel I got from the conversation.
And for clarification, their encryption is designed for data in motion (aka across the TCP channel). You can certainly use it for data at rest (files) but it is robust enough and fast enough for data in motion in an embedded real-time environment.
Also, don’t know how many have checked but there is also the free and open source OpenSSL libraries. ( aka 0K per product ;-) ) This is also NIST certified FIPS compliant and is also a transport encryption which has a standard file format for use as a data at rest encryption. Nice.
Shawn Geddis: I understand the rule on maintaining the certification is that the code has to not have and any ’significant’ modification and the certification remains in tact. What is your understanding of that?
Very Respectfully, Wm. Cerniuk Technology Director / Sr. Technologist VHA Office of Health Information Chief Health Informatics Office Dept. of Veterans Affairs
Ph: 703.594.7616 Time is Short, and the Water Rises
On May 6, 2010, at 3:00 PM, Simon, Gary wrote: So, we have looked at all of these products and two are essentially a replacement for the mail app and will ensure that your mail is encrypted point-to-point. The other one is a developers toolkit and will allow you to incorporate their encryption framework into your own application. There still does not seem to be anything out there available to ensure that all data at rest on the iPhone/iPad can be adequately protected. At least not in iPhone OS 3.x.
Anybody have any leads on something along the lines of a FDE FIPS 140-2 certified product for the iPhone?
On Apr 27, 2010, at 4:26 PM, Tony Greiner wrote: Both these have FIPS iPhone/iPad solutions...
http://www.good.com/iphone/
Tony Greiner Holman's Inc. Apple Technical Consultant 6201 Jefferson St. NE Albuquerque, NM 87109 (505)343-3529
On Apr 26, 2010, at 4:08 PM, Wm. Cerniuk wrote: Helps quite a bit! On Apr 26, 2010, at 5:28 PM, Kurt Stammberger < email@hidden> wrote: Lee: You asked about using FIPS 140-2 for iPad; a company called Mocana recently announced a FIPS validation for the iPad: http://mocana.com/press2010-04-05.htmlThe caveat: its for their developers' toolkits (they're not finished encryption applications) so you'd need to have one of your coders build something for you. Hope this helps Kurt
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
|