2002-07-08-15:56:54 Mario Behring: > The purpose is to transfer data between sites securely using emails, HTTP, > FTP, IP (LAN/WAN), etc.
You need an encryption product. PGP is probably a good starting point; my favourite PGP implementation these days is GnuPG <URL:http://www.gnupg.org/>. > Which algorithm should I use: 3DES or SHA-1 ? The question as stated doesn't make sense. 3DES (three applications of DES, a 56-bit key symmetric cypher, to yield a composite cypher with 112 or 168 bits of key) takes some key material, and a plaintext, and produces a cyphertext. SHA-1 is a cryptographic hash; it takes some plaintext and produces a fixed-size hash with some valuable cryptographic properties. In any case, you should use a product that implements cryptographic protocols (applications of appropriate cryptographic algorithms) that have been carefully analyzed and found strong, built in turn atop suitably strong cryptographic algorithms. For file encryption, PGP is pretty much it. For socket-level network encryption, TLS (nee SSL) is the protocol of choice; for secure remote shell, ssh is as good as we have; for VPN, you want IPSec, etc. You may find my intro paper to crypto helpful for getting an orientation to the field: <URL:http://bent.latency.net/crypto/>. -Bennett
msg07892/pgp00000.pgp
Description: PGP signature
