Join 34,000+ subscribers and receive articles from our
blog about software quality, testing, QA and security.

Log file encryption question


#1

Hi,

The manual states that the log file can be encrypted using AES 128bit, is there any way to set this to be AES 256bit for added security ?

Regards
NicKT


#2

Hello,

there’s currently no (built-in) way to configure it for 256 bit. However, even 128 bit AES is considered very secure and should be the “right” solution for most applications (trade-off between performance and security, among other reasons). Bruce Schneier (security expert, you probably know him) even recommends 128 bit over 256 bit:

http://www.schneier.com/blog/archives/2009/07/another_new_aes.html

That said, it is still possible to use AES 256, but you would need to implement your own custom file protocol or extend the built-in one. And since the SmartInspect Console has only support for 128bit AES, you would need to decrypt the log files manually before loading them into the Console.

Regards,
Tobias