Just want to say "for the record" that SafeBoot doesnt do anything so pointless, and again, (for the record) I don't know anyone who wraps keys with passwords - if anything they are wrapped using PKCS-5 expansions which are as strong if my math is right as the key itself (if of course you use salt and the same alg like AES 256). Anyone "highly vulnerable to an exhaustive search attack" certainly wouldnt get FIPS or CC certification.
I think Robert that SafeBoot used to support the Spyrus cards, it was certainly one of the options in our older products about 10 years ago but fell into disuse. If your company would like us to add this back in I'd sure be interested. S. On Jul 3, 1:44 pm, "Robert Jueneman" <[EMAIL PROTECTED]> wrote: > All other FDE vendors (at least to the best of my knowledge) wrap the > disk encryption key in RSA-2048, or only RSA-1024. Worse yet, many only > wrap the key in a password and then write that obfuscated key blob to > the disk or removable token, making it highly vulnerable to an > exhaustive search attack. > > _______________________________________________ FDE mailing list [email protected] http://www.xml-dev.com/mailman/listinfo/fde
