On Sun, 27 Jan 2002 13:59:37 -0500, "Bill Davidson"
<[EMAIL PROTECTED]> wrote:

>Ok, got your point on encryption algorithms.  Public encryptions scare me,
>as at least they offer hints as to how they're done, making TRUE hackers one
>step closer to knowing where to look to find the key, or what the basis of
>the algorithm is.  Yeah, there are certainly good ones out there, thus I
>retract my blanket suggestion to roll your own.  Dave's probably right.

I think you've got that original reasoning completely backwards as
well, as Dave mentioned. The safest crypto is the one that's been in
the public for years and been assailed by hackers and the like and
stood up to the challenge.

The most dangerous thing to do is roll your own private crypto alg.
Almost every instance of a (non-gov) private crypto that
hacker/crypto-analysis folk have gone up against in recent years (that
anyone talks about) has failed under a real-world attack.

Good crypto design is very, very hard. Unless you know what you're
doing and spend years exhausting possible attacks against the alg,
it's most likely any decent cryptographer will be able to spot a
weakness in your alg and code to break it in very short order.

I'm not a cryptologist myself, but I did a little hacking in my earlier
days and have been studying crypto in detail over the last year.... I
would very strongly advise to listen to the herd mentality and stay
with the known and tested algs.

--min