Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Why isn't full disk encryption from manufactures a slam dunk?

From: James Fryman <james () frymanet com>
Date: Thu, 13 Sep 2007 07:56:51 -0500
dan () recyclepcs com wrote:

This would seem to be a security no brainer.  What are its limitations?



To add on what has already been pointed out - Crypto changes. Today,
<insert favorite strength of AES> or whatever flavor of crypto you use
is practically secure for the necessary lifetime or duration of the data
being protected. That could change tomorrow, and lock-in from the
particular vendor on the type of crypto in hardware is going to prevent
upgrades if the algorithm is found with a flaw, or brute-force attacks
increase with such vigor as to find a way around the cryptography.
(read: quantum computing). It is a long shot, but needs to be considered
in the scope of the risk assessment for choosing a hardware or software
based FDE solution.

My $0.02 in the pot.

Hope you find the answers you are looking for.

-James

-- 
-------------
James Fryman
Previous By Date Next
Previous By Thread Next

Current thread: