[EMAIL PROTECTED] wrote: > ... > We came back to my point that in the most important applications, > disk-internal encryptions, there is NO interoperability.
Laszlo, it is legitimate for you to have this viewpoint, but we have to be very careful that the standard does not contain any wordings that suggest that "the most important applications" are this technology or the other. Accrdingly, I very much object to the following comments (taken from a previous post from Jan-15): > 1.1 (first line) to be added: in magnetic (hard) disk drives. Not necessarily, other technologies can use it as well. > ... and external encryption is not best served with this standard. That's your opinion, others may disagree. There should be nothing in the standard to support (or refute) this opinion. We are not in the business of evaluating which technology is best suited for "secure storage". > --- (Last paragraph on page 5) The goal of data decryption in another > device cannot be achieved if the standard is implemented in disk > drives. Raw (encrypted) data cannot be (must not be allowed to be) > moved from one device to another. Reword the second sentence to > reflect, that if data is encrypted by a disk-external implementation of > the standard (not recommended because of the possible traffic analysis), > than other compliant external decryption engines could decrypt the data. > But, this goal is of questionable value. Why do we want to promote an > inherently dangerous use of the standard? I'm wholeheartedly opposed to incorporating any of these value-judgment assertions in the standard. > And, why do we use this finite field, at all? There are simple rings, > which should work here better. Not that I know of. Zero-divisors will typically kill you here. -- Shai
