FW: ADSM Traffic encrypted?
2000-02-18 07:30:06
Hello dear *SMers and dear *SM-developpers,
> Obviously 56bit encryption is better than nothing but if Microsoft can get
> permission for a company like ours to have 128bit encryption surely Tivoli
> could do something similar. I do not know the details of *SM but if I were
> the product manager I would have an encryption bolt-on which would allow
> me to adapt to local circumstances.
>
> This being said there will be problems as far as multinational sites are
> concerned. For instance, in the past France has been one of the most
> restrictive countries concerning encryption. But this may have changed in
> the mean-time.
>
> If we are talking purely Switzerland, and for internal onsite environment
> traffic only, I would not worry too much. If I were a hacker in our
> environment there would be easier ways of getting the information than
> attacking the back ups!
>
> I do not know of any attempts to break the *SM compression & encryption
> and it may be correct to say that it would be difficult. If somebody
> obtained a cartridge with backups and really wanted to obtain the
> information they would put the resources to it (Government agencies -
> industrial espionage etc.) whereas the "casual" attacker would probably
> give up. It is possibe that Tivoli will change their approach in the
> future, as Don Warren states they have to start somewhere!
>
> Best regards
>
René Lambelet
Nestec S.A. / Informatique du Centre
55, av. Nestlé CH-1800 Vevey (Switzerland)
*+41(021) 924 3543 7 +41 (021) 924 4589 * B 133
mail to: rene.lambelet AT nestle DOT com
This message is intended only for the use of the addressee and
may contain information that is privileged and confidential.
-----Original Message-----
> From: Glen Hattrup [SMTP:ghattrup AT US.IBM DOT COM]
> Sent: Thursday, February 17, 2000 9:19 PM
> To: ADSM-R AT VM.MARIST DOT EDU
> Subject: Re: ADSM Traffic encrypted?
>
> Wayne,
>
> There are many factors that have to be considered in
> deciding the
> encryption algorithm strength. While the White House has
> just recently
> relaxed procedures for encryption products, the procedures
> are still a time
> consuming process. And despite the media attention on the
> matter, not that
> much has changed with export approval procedures. As TSM is
> an
> international product, there are other concerns that must be
> weighed in as
> well. For example, France has a separate import approval
> process that must
> be followed in order to sell any encryption type product
> there. Then there
> are other countries where we currently sell, but whose
> policies on
> cryptographic programs may change freely. I won't detail
> everything that
> must be done, but please recognize that selling "strong"
> encryption
> products generates a tremendous amount of initial and
> long-term paperwork.
>
> Regarding 56 bit DES encyrption and "why bother". I think
> you would agree
> that some encryption is better than no encryption. If
> nothing else, it
> steps up the requisite skill level of an attacker to be
> succesful. While I
> won't argue that 56 bit DES is as secure as other
> algorithms, it does
> provide another layer of security for the customer. What
> about the issue
> of standards? The algorithm selected must not have any
> "holes" in its
> encryption and must be thoroughly tested. There are also
> performance
> issues regarding algorithmic execution and stability of
> code.
>
> I don't mean this to provoke a debate on the merits of 56
> bit DES vs XYZ
> algorithm. Rather, there are many issues that must be
> weighed before we
> change the encryption algorithm used by the product.
>
> Please continue to explain your security needs so that we
> may better
> understand your requirements.
>
> Glen Hattrup
> Tivoli Storage Manager
> Server Development Team
>
>
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- ADSM Traffic encrypted?, Thomas Hans
- Re: ADSM Traffic encrypted?, Frederic Landreville
- Re: ADSM Traffic encrypted?, Richard Sims
- FW: ADSM Traffic encrypted?,
Lambelet,Rene,VEVEY,FC-SIL/INF. <=
- ADSM Traffic encrypted?, Thomas Hans
- FW: ADSM Traffic encrypted?, Lambelet , Rene , VEVEY , FC-SIL/INF . [mailto:Rene.Lambelet
|
|
|