Re: Encryption as a accepted mean of sanitization

["Saqib Ali" <docbook.xml () gmail com>]

The reason I ask this question is because there is a debate going on @
Wikipedia on this topic between user:maxt and user:tngr (don't know
who they are).

See:
1) http://en.wikipedia.org/wiki/Talk:Full_disk_encryption ; and
2) http://en.wikipedia.org/wiki/FDE

IT would be nice to have some clarity on this topic.



On 10/2/06, Saqib Ali <docbook.xml () gmail com> wrote:
> Hello All,
>
> NIST recently DELETED the following paragraph from the Special
> Publication 800-88 (
> http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf
> ):
>
> "Encryption is not a generally accepted means of sanitization. The
> increasing power of computers decreases the time needed to crack
> cipher text and therefore the inability to recover the encrypted data
> can not be assured."
>
> Does that mean that NIST now accepts encryption a mean to sanitize a HDD?


--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------