Don't call it NIST certified | Message 15 of 1 | TechRepublic

Click Here

Discussion on:

Encryption busted on NIST-certified Kingston, SanDisk and Verbatim USB flash drives

View entire thread

Message 15 of 1

Next » « Prev

0 Votes

+ -

Don't call it NIST certified

georgeou 6th Jan 2010

Some of algorithms used by the products meet NIST FIPS
standards, but that's far different than being NIST
certified. If you wanted to sell a device to the
government for top secret usage for example, and even if
all the components meet the standards, the NSA still
inspects the implementation. Just because you're using
AES doesn't mean you implemented AES correctly.

In this case, the products implement strong encryption
but useless authentication.

Reply
Flag

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

A CNET Professional Brand

ZDNet

Log In | Join | Site Assistance | Follow via Twitter Facebook Email

All of ZDNet
Reviews
Downloads

Featured Articles

Top Productivity Apps for the iPad 3

Top Productivity Apps for the iPad 3

The new iPad is a good tool for getting things done.

Facebook Lockdown: The Definitive Guide

Facebook Lockdown: The Definitive Guide

Facebook's privacy and security settings have changed massively.

A power user's guide to Windows 8

A power user's guide to Windows 8

Ed Bott reveals small but useful hidden shortcuts, surprises, and secrets.

Love stinks: The worst mergers in tech

Love stinks: The worst mergers in tech

Corporate mergers can end in utter disaster.

Services

Popular on CBS sites: US Open | PGA Championship | iPad | Video Game Reviews | Cell Phones

© 2012 CBS Interactive. All rights reserved. Privacy Policy | Ad Choice | Terms of Use

Around the network