Time Machine Encryption Specs
Apple documents it's cryptographic certifications online:
- https://support.apple.com/en-us/HT201159
From the PDF for Crypto Officer on OS X 10.10 (these documents and evaluations happen after the OS is released, so look for 10.11 crypto certifications mid-winter to early spring) it states that
“FIPS Mode” is enabled all the time automatically without the need for installation, administration or configuration.
FileVault 2, Kerberos, Keychain Services, Software Update Services, Time Machine, VPN, and 802.1X are all FIPS 140-2 compliant
So, if you spend a lot of time reading those links - you'll see the the certification was done to Level 1 requirements. Nothing about Time Machine makes sense about network since it decrypts things to run. According to this Apple Support page, the encryption used on disk is XTS-AES 128 encryption