SidSheldon (Aspirant)
Feb 11, 2021
Readynas 628x Encryption-what standard
Does anyone know specifically what type of encryption this NAS uses? I'm concerned about potentially using it with CMMC standard and need to know what encryption it's using.
If it's in the documentation... I certainly can't find it.
SidSheldon wrote: Sadly this does not answer the question. Is the 256 AES to the FIPS ENCRYPTED certified standard. That becomes a yes or no answer. Which is it?
Actually, it answers the question you asked, but doesn't give enough information for what you really want to know. FIPS doesn't just certify an encryption type (like AES), it certifies an implementation as well.
Per Aadvanced-encryption-standard-aes , AES does meet the FIPS standard:
Abstract
The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data.
But it is doubtful that Netgear expected the ReadyNAS to be used in an environment that requires FIPS certification and would go to the expense of getting it. A second party cannot use another's FIPS-certified code and claim certification without getting the implementation certified. Even if you could, I don't know how you'd prove the code was not altered, and I don't even know that Netgear didn't. I know that different Red Hat kernels have different FIPS certifications, so you can't even update your own product and not get re-certified.
ReadyNAS encryption appears to be based on LUKS. LUKS does have a "FIPS compliant" mode, which is the default, but can be installed without it. That would seem to indicate that Netgear probably could get ReadyNAS OS6 FIPS certified if so inclined. But I know some have tried and failed to use LUKS to open an encrypted volume in generic Linux and had no luck, so Netgear may have modified it.
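An added example, not part of the thread and not Netgear's code: reading the cipher fields from a LUKS1 header in Python, to see which algorithm and key length a volume declares. It assumes a standard LUKS1 on-disk header (which the post above says may not hold for ReadyNAS), the sample header is constructed, and the result names the algorithm only, not whether the implementation is FIPS validated.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
# LUKS1 header prefix, big-endian: magic, version, cipher name, cipher mode,
# hash spec, payload offset (sectors), master key length (bytes).
LUKS1_PREFIX = struct.Struct(">6sH32s32s32sII")
LUKS1_HEADER_LEN = 592  # full LUKS1 header including the eight key slots


def _cstr(raw):
    """Decode a NUL-padded ASCII header field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")


def describe_luks_header(blob):
    """Return the declared cipher parameters, or None when the bytes do not
    start with the LUKS magic (not LUKS, or a vendor-modified format)."""
    if len(blob) < LUKS1_PREFIX.size or not blob.startswith(LUKS_MAGIC):
        return None
    _, version, name, mode, hash_spec, payload, key_bytes = \
        LUKS1_PREFIX.unpack_from(blob)
    if version != 1:
        # LUKS2 stores its parameters in a JSON area; report the version only.
        return {"version": version}
    return {
        "version": 1,
        "cipher": _cstr(name),
        "mode": _cstr(mode),
        "hash": _cstr(hash_spec),
        "key_bits": key_bytes * 8,
        "payload_offset_sectors": payload,
    }


def constructed_header(version=1):
    """Constructed sample bytes, not read from a ReadyNAS volume."""
    prefix = LUKS1_PREFIX.pack(LUKS_MAGIC, version, b"aes",
                               b"cbc-essiv:sha256", b"sha256", 4096, 32)
    return prefix + bytes(LUKS1_HEADER_LEN - LUKS1_PREFIX.size)


if __name__ == "__main__":
    print(describe_luks_header(constructed_header()))
    print(describe_luks_header(bytes(LUKS1_HEADER_LEN)))  # no magic
```

On a real system the input would be the first 592 bytes of the encrypted block device, read with appropriate privileges.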
- Sandshark (Sensei)
Per page 4 of the spec sheet (RN626_RN628_tcm148-86867), 256 bit AES..
- SidSheldon (Aspirant)
Sadly this does not answer the question. Is the 256 AES to the FIPS ENCRYPTED certified standard. That becomes a yes or no answer. Which is it?
This is a community forum, and neither Sandshark nor I work for Netgear. Since you want more information than is in their datasheets, you should be talking directly with Netgear. The mods ( JohnCM_S or Marc_V ) might be able to help.
Though I would point out that your image already says "There is only one way to check if a vendor's product is FIPS validated - through the validation system the government has set up".
Netgear isn't listed there: https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search/all
But it is possible that the software they are using for disk encryption was validated by the company that created that software.