1 Reply Latest reply on Sep 22, 2011 8:36 AM by SafeBoot

    "AES-NI support, 256bit" algorithm.

    TK45

      Hi,

       

      We can use a new algorithm "AES-NI support, 256bit" as an Intel AES-NI encryption algorithm from 5.2.x.

      However, the algorithm is NOT a FIPS compliant, I think.

      And, as you know, according to NIST 800-57, NIST recommends more security algorithm, the details is opened as KB66237(https://kc.mcafee.com/corporate/index?page=content&id=KB66237)

      Generally speaking, all of algorithm NIST recommends is FIPS compliant algorithm, I believe.

       

      So, I have a question.

       

      I am afraid that the algorithm of not compliant FIPS does not adjust to NIST 800-57...

      "AES-NI support, 256bit" has already adjusted to the NIST 800-57 statement?

       

      Regards,

        • 1. Re: "AES-NI support, 256bit" algorithm.

          The twovalgs are actually bit compatible, but one has been formally certified, the other has not. There's no difference between them cryptographically though.

           

          Whether you need to be using a certified alg is up to your personal policy though.

          1 of 1 people found this helpful