Justin Troutman
Kenn White
@justintroutman @tqbf @matthew_d_green reviving an old thread, but did you see this announcement? https://technet.microsoft.com/en-us/library/mt403325(v=vs.85).aspx … (HT @gebl)
Does anyone know why Microsoft removed the Elephant diffuser from BitLocker starting in Windows 8? http://technet.microsoft.com/en-us/library/hh831713.aspx …
-
-
-
@kennwhite@tqbf@matthew_d_green@gebl My feeling is that bullet point one (FIPS compliance) echoes the reason for Elephant's removal.
-
-
-
@justintroutman I don't like any of the reasons I can guess at -
@obs3sd Unconfirmed claim: http://mywindows8.org/choose-bitlocker-drive-encryption-method-and-cipher-strength-in-windows-8-1/ …. "Debaleena" states, "Microsoft removed Elephant Diffuser from Windows 8 by NSA request."
-
-
-
@justintroutman Let me know if you hear anything else about this. It seems bad. -
@justintroutman The reason it seems particularly bad is this:pic.twitter.com/TIcz230CEQ
-
@matthew_d_green Yes. Poor-man's authentication via a special purpose diffuser is a design risk you take *because* you believe you need it.
-
-
-
@justintroutman Probably they discovered some unpublished weakness. -
@centrologic_es It's possible; at least, if this is the case, it wouldn't affect the security of the AES.
-
Peter N. Biddle
Matthew Green
Juan Miguel Taboada
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.