What Victor is (correctly) trying to say is that you have not yet
defined the problem.
encrypting each file is a possible solution. It is not the problem.
What is your data, what is it's value, where does it exist over its
life, who is the attacker, what is the access, what will the attacker
It is a development design, and support issue. They want to use what is
native in the operating system. Since we are talking about solaris that
makes it OpenSSL.
David Gianndrea
Senior Network Engineer
Comsquared Systems, Inc.
Email: [EMAIL PROTECTED]
Web: www.comsquared.com
Rich Salz
It is a development design, and support issue. They want to use what is
native in the operating system. Since we are talking about solaris that
makes it OpenSSL.
Solaris bundles OpenSSL? I didn't know that; neat. Of course you
still have to design, write, and maintain your own software built
I’m sorry guys, but I can't get into to much more detail. Both Victor,
and Ken are correct, and we know those answers. After talking with
our director of development yesterday, I may have convinced him to
seek the help of someone who does crypto implementation for a living.
Basically to have
I wonder if some one could point me to some high level document
that would describe where, and when you would use ECB, CBC, CFB, OFB
modes. I have some developers that are trying to include
encryption into some code, and there seems to be some confusion
among them.
--
David Gianndrea
Senior
On Tue, Oct 18, 2005 at 09:31:44AM -0400, David Gianndrea wrote:
I wonder if some one could point me to some high level document
that would describe where, and when you would use ECB, CBC, CFB, OFB
modes. I have some developers that are trying to include
encryption into some code, and there
In message [EMAIL PROTECTED] on Tue, 18 Oct 2005 09:31:44 -0400, David
Gianndrea [EMAIL PROTECTED] said:
dgianndrea I wonder if some one could point me to some high level
dgianndrea document that would describe where, and when you would use
dgianndrea ECB, CBC, CFB, OFB modes. I have some
Sorry I forgot to state that it is to encrypt file data on storage
devices such as disks, and tapes. I agree with your statement of
appearance, but im trying to get the folks the resources that they
need to do it correctly. They are currently in the design, and spec
phase of this, so now is the
On Tue, Oct 18, 2005 at 10:40:21AM -0400, David Gianndrea wrote:
Sorry I forgot to state that it is to encrypt file data on storage
devices such as disks, and tapes. I agree with your statement of
appearance, but im trying to get the folks the resources that they
need to do it correctly. They
Ok that is good info. What about just doing file level encryption.
As an example you have a disk with a bunch of files, and it is
only those files you would want encrypted, and the issue is more
a confidentiality is required / media loss issue then a tamper issue?
We are looking to use AES-256
, and when and where you would use them.
Ok that is good info. What about just doing file level encryption.
As an example you have a disk with a bunch of files, and it is only those
files you would want encrypted, and the issue is more a confidentiality is
required / media loss issue then a tamper
On Tue, Oct 18, 2005 at 11:09:51AM -0400, David Gianndrea wrote:
Ok that is good info. What about just doing file level encryption.
As an example you have a disk with a bunch of files, and it is
only those files you would want encrypted, and the issue is more
a confidentiality is required /
Sorry Victor, Im not explaining it very well. Let me try again.
What we need to do is to protect data from the point of view of
ensuring that if the media it is on be that a hard drive, tape, or
optical disk is encrypted. For our system that is best done by
encrypting each file on a file by file
why not uses pgp
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
__
OpenSSL Project
On Tue, Oct 18, 2005 at 07:08:38PM -0400, Rich Salz wrote:
why not uses pgp
Indeed, but with any file-by-file encryption tool, one also needs to ask
about the lifecycle of the plain-text pre-images and and working decrypted
copies. It is very hard to not leak additional plain-text copies that
15 matches
Mail list logo
