itsmall improvement to ISO compliancy documentation - tomb - the crypto undertaker Err parazyd.org 70 hgit clone git://parazyd.org/tomb.git URL:git://parazyd.org/tomb.git parazyd.org 70 1Log /git/tomb/log.gph parazyd.org 70 1Files /git/tomb/files.gph parazyd.org 70 1Refs /git/tomb/refs.gph parazyd.org 70 1README /git/tomb/file/README.md.gph parazyd.org 70 1LICENSE /git/tomb/file/COPYING.gph parazyd.org 70 i--- Err parazyd.org 70 1commit b0815b514b81851a47199cf0a4b15a5e47d3e606 /git/tomb/commit/b0815b514b81851a47199cf0a4b15a5e47d3e606.gph parazyd.org 70 1parent 3f06bce8eb91eac4622549ae184d2ec9f4b90cc3 /git/tomb/commit/3f06bce8eb91eac4622549ae184d2ec9f4b90cc3.gph parazyd.org 70 hAuthor: Jaromil URL:mailto:jaromil@dyne.org parazyd.org 70 iDate: Mon, 20 Feb 2017 19:35:51 +0100 Err parazyd.org 70 i Err parazyd.org 70 ismall improvement to ISO compliancy documentation Err parazyd.org 70 i Err parazyd.org 70 iDiffstat: Err parazyd.org 70 i M README.md | 17 +++++++++++------ Err parazyd.org 70 i Err parazyd.org 70 i1 file changed, 11 insertions(+), 6 deletions(-) Err parazyd.org 70 i--- Err parazyd.org 70 1diff --git a/README.md b/README.md /git/tomb/file/README.md.gph parazyd.org 70 it@@ -178,19 +178,24 @@ plain) encryption algorithm. Err parazyd.org 70 i Err parazyd.org 70 i ## Compliancy Err parazyd.org 70 i Err parazyd.org 70 i-Tomb volumes are fully compliant FIPS 197 and with: Err parazyd.org 70 i+Tomb qualifies as sound for use on information rated as "top secret" when used on an underlying stack of carefully reviewed hardware (random number generator and other components) and software (Linux kernel build, crypto modules, device manager, compiler used to built, shell interpreter and packaged dependencies). Err parazyd.org 70 i Err parazyd.org 70 i-- [ISO/IEC 18033-1:2015](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=54530) Information technology -- Security techniques -- Encryption algorithms -- Part 1: General Err parazyd.org 70 i-- [ISO/IEC 18033-3:2010](http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=54531) Information technology -- Security techniques -- Encryption algorithms -- Part 3: Block ciphers Err parazyd.org 70 i+Tomb volumes are fully compliant with the FIPS 197 advanced encryption standard published by NIST and with the following industry standards: Err parazyd.org 70 i+ Err parazyd.org 70 i+- Information technology -- Security techniques -- Encryption algorithms Err parazyd.org 70 i+ - [ISO/IEC 18033-1:2015](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=54530) -- Part 1: General Err parazyd.org 70 i+ - [ISO/IEC 18033-3:2010](http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?csnumber=54531) -- Part 3: Block ciphers Err parazyd.org 70 i Err parazyd.org 70 i Tomb implementation is known to address at least partially issues raised in: Err parazyd.org 70 i Err parazyd.org 70 i-- [ISO/IEC 11770-1:2010](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=53456) Information technology -- Security techniques -- Key management -- Part 1: Framework Err parazyd.org 70 i-- [ISO/IEC 11770-2:2008](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=46370) Information technology -- Security techniques -- Key management -- Part 2: Mechanisms using symmetric techniques Err parazyd.org 70 i+- Information technology -- Security techniques -- Key management Err parazyd.org 70 i+ - [ISO/IEC 11770-1:2010](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=53456) -- Part 1: Framework Err parazyd.org 70 i+ - [ISO/IEC 11770-2:2008](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=46370) -- Part 2: Mechanisms using symmetric techniques Err parazyd.org 70 i - [ISO/IEC 27005:2011](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=56742) Information technology -- Security techniques -- Information security risk management Err parazyd.org 70 i - [ISO/IEC 24759:2014](http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=59142) Information technology -- Security techniques -- Test requirements for cryptographic modules Err parazyd.org 70 i Err parazyd.org 70 i-As such Tomb qualifies sound for use on information rated as "top secret" when used on an underlying stack of carefully reviewed hardware (random number generator and other components) and software (Linux kernel build, crypto modules, device manager, compiler used to built, shell interpreter and packaged dependencies). Err parazyd.org 70 i+Any help on further verification of compliancy is very welcome, as the access to ISO/IEC document is limited due to its expensive nature. Err parazyd.org 70 i+ Err parazyd.org 70 i Err parazyd.org 70 i # Use stable releases in production! Err parazyd.org 70 i Err parazyd.org 70 .