1 Reply Latest reply on Sep 22, 2011 8:36 AM by SafeBoot

    "AES-NI support, 256bit" algorithm.




      We can use a new algorithm "AES-NI support, 256bit" as an Intel AES-NI encryption algorithm from 5.2.x.

      However, the algorithm is NOT a FIPS compliant, I think.

      And, as you know, according to NIST 800-57, NIST recommends more security algorithm, the details is opened as KB66237(https://kc.mcafee.com/corporate/index?page=content&id=KB66237)

      Generally speaking, all of algorithm NIST recommends is FIPS compliant algorithm, I believe.


      So, I have a question.


      I am afraid that the algorithm of not compliant FIPS does not adjust to NIST 800-57...

      "AES-NI support, 256bit" has already adjusted to the NIST 800-57 statement?



        • 1. Re: "AES-NI support, 256bit" algorithm.

          The twovalgs are actually bit compatible, but one has been formally certified, the other has not. There's no difference between them cryptographically though.


          Whether you need to be using a certified alg is up to your personal policy though.

          1 of 1 people found this helpful