Security Basics mailing list archives
Re: Encryption as a accepted mean of sanitization
From: Alexander Klimov <alserkli () inbox ru>
Date: Thu, 5 Oct 2006 12:28:12 +0200 (IST)
Hi. On Tue, 3 Oct 2006, Saqib Ali wrote:
I completely understand this. However my question was about NIST. Does NIST now recognize one-way encryption of the HDD as a possible mean to destruct the Data???
Obviously, leaving encrypted data on HDD is no more insecure than sending encrypted data thru an open channel. This is the original purpose of cryptography -- if your crypto is not good enough for this why you use it at all? Unfortunately, NIST cannot simply say the opposite (if the data was always encrypted you do not need to destroy the medium), because this must be accompanied by correct key-management. For example, if the key is derived from on-disk data and a weak password -- it is easily crackable. -- Regards, ASK --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Encryption as a accepted mean of sanitization Saqib Ali (Oct 03)
- Re: Encryption as a accepted mean of sanitization Saqib Ali (Oct 03)
- RE: Encryption as a accepted mean of sanitization Sadler, Connie (Oct 03)
- Re: Encryption as a accepted mean of sanitization Saqib Ali (Oct 03)
- Re: Encryption as a accepted mean of sanitization Alexander Klimov (Oct 05)
- RE: Encryption as a accepted mean of sanitization Sadler, Connie (Oct 03)
- Re: Encryption as a accepted mean of sanitization Saqib Ali (Oct 03)
- <Possible follow-ups>
- Re: Encryption as a accepted mean of sanitization dj . technocrat . listmail (Oct 04)