Thanks
Morris for this clarification!
Everyone else,
Here
is a message from Morris Dworkin concerning eligibility of LRW mode for FIPS
140-2 certification. Morris has published several NIST standards,
including SP800-38a "Recommendation for Block Cipher Modes of Operation", which
is the standard that specifies the allowed AES modes-of-operations for FIPS
140-2.
According to Morris, LRW is not currently an approved encryption
mode for FIPS 140-2 certification.
-Matt
-----Original Message-----Dear Matt,
Frm: Morris Dworkin [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 29, 2006 7:40 AM
To: Matt Ball
Subject: Re: IEEE P1619 LRW mode and FIPS 140-2 certification
LRW is not currently an approved encryption mode, and LRW cannot be equated to ECB for FIPS 140-2 certification. We would consider approving LRW if a proposal for it was submitted to us.
Regards,
Morris
At 09:25 AM 3/28/2006 -0700, you wrote:
Hi Morris,
I was hoping you could help me answer a question. There's been some discussion recently on the IEEE 1619 e-mail list about whether the AES-LRW mode would be acceptable for NIST FIPS 140-2 certification. I was wondering if you could help us with the official NIST stance on the LRW mode. The current speculation is that it is possible to get approval by equating LRW mode to ECB mode, where ECB is acceptable under NIST SP 800-38a. However, there is an equally good cryptographic argument that says LRW is not ECB, and therefore cannot currently be FIPS 140-2 certified. I was wondering if you could shed some light on the subject for the benefit of the IEEE 1619 workgroup.
Thanks!
Matt Ball
Embedded Software Engineer
Quantum Corporation
4001 Discovery Drive, Suite 1100
Boulder, CO 80303
(720) 406-5766
