Re: [Fed-Talk] FileVault2 Security Config
Re: [Fed-Talk] FileVault2 Security Config
- Subject: Re: [Fed-Talk] FileVault2 Security Config
- From: "Blumenthal, Uri - 0668 - MITLL" <email@hidden>
- Date: Wed, 17 Aug 2011 15:24:14 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] FileVault2 Security Config
There are two issues to consider. One is AES-128 vs AES-256. And anybody who states that AES-128 is "easily broken" most likely is totally clueless.
Another issue is whether iPad or FV2 implementation is secure - and here the algorithm used is irrelevant. As I don't know implementation details for either one, I can't comment - except that whatever weakness FV2 or iPad may have is not related to the choice of crypto algorithm used.
Based on experience in this particular field (Crypto), I have formulated my professional opinion.
--
Regards,
Uri
----- Original Message -----
From: Pike, Michael (IHS/HQ) [mailto:email@hidden]
Sent: Wednesday, August 17, 2011 01:32 PM
To: Blumenthal, Uri - 0668 - MITLL
Cc: email@hidden <email@hidden>
Subject: Re: [Fed-Talk] FileVault2 Security Config
Heh I understood. Someone said the iPad was aes128 and he said then it's was easily broken. You can formulate your opinion on his statement. I'll refrain.
Sent from my iPhone 4
On Aug 17, 2011, at 11:18 AM, "Blumenthal, Uri - 0668 - MITLL" <email@hidden> wrote:
> Nothing interesting, really - just some fresh BS.
>
> AES-128 is an approved US Government algorithm for protecting Classified information up to SECRET level.
>
> Read carefully through this: http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
>
> Either you didn't understand what that person was telling you, or he doesn't have a clue.
>
> --
> Regards,
> Uri
>
> ----- Original Message -----
> From: Pike, Michael (IHS/HQ) [mailto:email@hidden]
> Sent: Wednesday, August 17, 2011 12:38 PM
> To: email@hidden <email@hidden>
> Subject: [Fed-Talk] FileVault2 Security Config
>
> So I had an interesting conversation with our security folks today… someone lost an ipad and luckily it is aes256… FV2 however is AES128.
>
> I was told AES128 is a joke in the government's eyes… doesnt make me feel to good that's for sure!!
>
> I know windows bitlocker will allow you to force it to 256 with a setting… is there somewhere in Lion you can configure it to use 256 (I realize there is a performance hit most likely), but now I'm being told AES128 will not suffice for security approval.
>
> Hard to believe my iPad is more secure than my MBPro.
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden