Re: [Fed-Talk] Lion File Vault encryption
Re: [Fed-Talk] Lion File Vault encryption
- Subject: Re: [Fed-Talk] Lion File Vault encryption
- From: "Blumenthal, Uri - 0668 - MITLL" <email@hidden>
- Date: Thu, 07 Jul 2011 16:03:52 -0400
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Lion File Vault encryption
Not to pick nits, but for Classified use *both* algorithm (design) and implementation require approval.
--
Regards,
Uri
----- Original Message -----
From: Miller, Timothy J. [mailto:email@hidden]
Sent: Thursday, July 07, 2011 03:54 PM
To: Fed Talk <email@hidden>
Subject: Re: [Fed-Talk] Lion File Vault encryption
On Jul 7, 2011, at 11:33 AM, Blumenthal, Uri - 0668 - MITLL wrote:
> AES-128 has not been broken, and is still approved to protect Classified information up to SECRET. If you crack it - don't forget to let NSA know. :)
>
> AES-256 is still approved to protect up to TOP SECRET (there were some attacks against AES-256, but they are not practical in any sense).
Lest someone do something stupid, let me repeat myself: any *implementation* of a cryptographic module used to protect data classified at SECRET or higher must be approved by the NSA. An algorithm may be *acceptable*, but that's not the same as *approved.* Only implementations are approved.
A fine point, but an important one.
-- T
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden