On Tue, Oct 18, 2005 at 11:09:51AM -0400, David Gianndrea wrote: > Ok that is good info. What about just doing file level encryption. > As an example you have a disk with a bunch of files, and it is > only those files you would want encrypted, and the issue is more > a confidentiality is required / media loss issue then a tamper issue? > > We are looking to use AES-256 for this. >
A strong cipher used badly can give worse security than a weaker cipher used well. Is your application a crypto disk, a crypto filesystem, or a utility to encrypt and decrypt files. Is the threat model loss of physical media, or are files encrypted for transmission or on-line network access? You are still looking for algorithm recommendations (a common error) when you should be looking for a security analysis of your problem, the algorithm is the easy part at the end of the analysis. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]