Thanks for the response. That was my understanding, but I did not want to assume.
Carter Carter Browne CBCS cbro...@cbcs-usa.com 781-721-2890 Michael S. Zick wrote: > On Thu August 6 2009, Carter Browne wrote: > >> I saw a reference to steps to breaking AES-256 encryption, but that if >> the implementation were NIST Certified, there should be no concerns. >> However if the implementation were not certified, there could be a >> problem. In reviewing the NIST Certification list, the only OpenSSL >> versions that were certified and were not in some vendors firmware were >> the FIPS versions. As I do not use the FIPS version and I do use >> AES-256 with OpenSSL, should I be concerned? Would it be worth the >> effort to switch tot he FIPS version? Any input on this issue would be >> appreciated. >> >> > > FIPS certification is a governmental procedure. > The actual algorithms do not change - only the list of what is allowed. > If you exclude the algorithms that FIPS excludes - your cryptographically > the same (although not regulatory the same). > > Mike > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
