NIST Validation Of OpenSSL Algorithms

An anonymous reader submits "On Monday, May 10, 2004, the National Institute of Standards and Technology (NIST) posted a notice that the AES, DES, 3DES, DSA and SHA-1 algorithms for OpenSSL have been validated. The validation notices can be found at the following NIST sites: Advanced Encryption Standard (AES) Algorithm (Certification # 146); Data Encryption Standard (DES) Validated Implementations (Cert # 258); Triple Data Encryption Algorithm (TDEA, a.k.a. "Triple DES"): (Cert # 256); Digital Signature Algorithm (DSA) Validation System: (Cert # 108); Secure Hash Algorithm (SHS) Validation System: (Cert # 235). Successful validation of these algorithms does NOT mean that OpenSSL has received FIPS 140-2 validation, yet. The overall FIPS 140-2 validation effort for OpenSSL is still in process. Additional updates will be posted on the OSSI web site, www.oss-institute.org. NIST validation of these algorithms does, however, signify a major milestone in OSSI's efforts to secure the FIPS 140-2 validation for OpenSSL. Please post any questions that you might have to questions@oss-institute.org."

Re:Hmm

[alex_tibbles]

Strictly speaking the validation is only of the _implemenation_ of these algorithms. The NSA did invent SHA, but all these algorithms have stood up to academic attack (that we know of).

Re:Hmm

[Spiked_Three]

Encryption is math - all math is solvable - some math solutions take resources most people don't have, this does not technically constitute a back door, but you can bet your sweet bippy if the (US) government allows you to transmit it, they have a way to decrypt it.
Want to try an experiment - come up with really decent random number generator (not based on FIPS or built in functions) and send a fake encrypted message twice a day to someone in a foreign country. See how long before you are visited :)