[dm-crypt] Is dm-crypt LUKS FIPS 140-2 compliant

Arno Wagner arno at wagner.name
Tue Mar 20 17:23:09 CET 2012


That is a bit difficult to answer. It seems that 
LUKS is indeed FIPS 140-1 compliant. However it is
not FIPS 140-1 certified (and once a specific implementation
is, it cannot be changed anymore without losing
that certification it seems). 

AFAIK there are efforts underway to get a specific 
implementation (RHEL6) certified. If you go into the
mailing lost archive at
 http://dir.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt
and search for "FIPS", you can find more on this question.

Arno


On Tue, Mar 20, 2012 at 09:15:15AM -0700, Alex Szczuka wrote:
> ?
> Hi,
> ?
> ?My question is about???FIPS certification.? 
> ?Is the dm-crypt LUKS FIPS 140 compliant? or? is 
> it going to be in? the future?
> ?
> Thanks? 
> Alex

> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt


-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno at wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 


More information about the dm-crypt mailing list