Re: [Fed-Talk] Lion File Vault encryption
Re: [Fed-Talk] Lion File Vault encryption
- Subject: Re: [Fed-Talk] Lion File Vault encryption
- From: "Miller, Timothy J." <email@hidden>
- Date: Thu, 07 Jul 2011 08:30:53 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Lion File Vault encryption
Federal law requires algorithm and key strength commensurate with data protection requirements. Implementation guidance is given in NIST SP800-57 "Recommendation for Key Management Part 1" (see Section 5.6, "Guidance for Cryptographic Algorithm and Key Size Selection"). AES128 offers 128 bit-equivalent security (see Table 2) which is sufficient for security protection beyond 2030 (see Table 4).
Anyone telling you otherwise needs to cite their authority for the requirement. E.g., designated National Security Systems fall under a different regulatory regime and must obey CNSS policy and instructions, which while substantially similar have some differences (especially re: certifications).
-- T
On Jul 6, 2011, at 11:25 PM, John Vanderau wrote:
> Has anyone found out anything about the level of encryption afforded by Lion's File Vault's FDE? I am concerned that if it's not AES-256, then nothing will have been gained by the federal user as anything less than AES-256 does not meet the minimum standards for acceptable encryption for federal users. But I can't find out anything about what level of encryption Lion File Vault FDE will be.
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden