RE: cryptography

From: Cushing, David (David.Cushing@hitachisoftware.com)
Date: 03/26/02


Date: Tue, 26 Mar 2002 14:55:27 -0500
From: "Cushing, David" <David.Cushing@hitachisoftware.com>
To: "Brannon Wilson Smith" <azrael@wam.umd.edu>, "davie elliott" <desoftware@yahoo.com>

Davie,

Were you looking to secure client/server communications?

A common programming solution for this requirement would be to use
OpenSSL (http://www.openssl.org/) for c++ or JSSE
(http://java.sun.com/products/jsse/) for Java.

You don't need to be an expert on the underlying algorithms to work with
the libraries. You will have to gain a basic understanding of X.509
certificates, or follow examples like a monkey and hope for the best!

The basic gist is:
* Create certificates for the client(s) and server(s)
http://www.post1.com/home/ngps/m2/howto.ca.html

* Add code to use the certs and validate the other end of the
connection. (Follow examples).

* Protect your private key files. These are usually password protected.

Here are some relevant articles:
http://www.ddj.com/documents/s=901/ddj9907c/9907c.htm
http://www.iplanet.com/developer/docs/articles/security/pki.html
http://www.iplanet.com/developer/docs/articles/security/ssl.html

Regards,
David

> -----Original Message-----
> From: Brannon Wilson Smith [mailto:azrael@wam.umd.edu]
> Sent: Monday, March 25, 2002 1:17 PM
> To: davie elliott
> Cc: security-basics@securityfocus.com
> Subject: Re: cryptography
>
>
> There is definitely more to encryption than one algorithm.
> AFAIK, most
> banks are using triple DES at the moment. RSA is a popular
> algorithm, but
> there are a few problems with it (for you): 1) you must be
> able to pick
> large primes, which means you need to know fermat's little
> theorem as well
> as having some sort of large integer class, 2) you must be
> able to pick
> and encryption exponent appropriately, which is more
> computation. You can
> search for RSA online, and you'll find some reasonable explanations.
> DES employs left-right shifts, and an arbitrarily chosen function and
> key. It's tough to explain, but there are a lot of places online that
> have good explanations. Again, there's a problem that you
> need a large
> integer class.
>
> Good luck.
>
> --Brannon Smith
>
> On Sat, 23 Mar 2002, [iso-8859-1] davie elliott wrote:
>
> > I was wondering if I could get a little information
> > please.
> >
> > I have to do a huge program at the end of my course
> > and I was thinking about making a bank program. I
> > would like to make it as realistic as possible, so I
> > have had a look at some encryption algorithms.
> > However, one of my lecturers has told me that there is
> > more to encrytion than just one algorithm. I was
> > wondering if anyone can give me a few sites or point
> > me in the right direction so that I can reaserch into
> > encrytpion deeper.
> >
> > Thank you
> >
> > P.S. someone posted a couple of sites a while back on
> > cryptography, but I had to format before I got chance
> > to view them. I would e greatful if that person could
> > repost them.
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Everything you'll ever need on one web page
> > from News and Sport to Email and Music Charts
> > http://uk.my.yahoo.com
> >
>
>



Relevant Pages

  • Re: A new encryption software of mine
    ... and zero rigorous analysis or testing. ... the algorithm was designed as an extreme parallel algorithm, ... random data that the programmers who wrote STS assumed that it simply ... this is the *worst* possible thing that could happen to any encryption ...
    (sci.math)
  • Re: New Encryption Idea
    ... performing the 5 reads necessary in the example algorithm results in a delay ... Panama at 400MB/sec, or RC4 at about 90MB/sec, or AES in CTR mode at ... and the speed failings of your design become very clear. ... > Manansala Encryption and Authentication System ...
    (sci.crypt)
  • Meganets "unbreakable" cryptography? Im skeptical.
    ... Meganet makes such grandiose claims that I can't help but ... There's plenty of coverage on secret encryption algorithms ... encryption algorithm that was granted U.S. Patent ... Labor has bought into this "snake oil" and without a doubt ...
    (sci.crypt)
  • Re: Enigma machine strenght using a computer
    ... cipher with rotors that spin backwards, forwards, stop and start based ... on other rotors, change their values according to the phase of the moon ... encryption less error-prone and they were a cost effective way to get ... case) than not since a wider base uses the same algorithm. ...
    (sci.crypt)
  • Re: A new encryption software of mine
    ... the algorithm was designed as an extreme parallel algorithm, ... good encryption algorithms *really* need ... the reason for testing against regular patterns is to test whether there ... then you should move on to CBC because what ...
    (sci.math)