Re: Expert View: Releasing yet another crypto program

From: Bill Unruh (unruh_at_string.physics.ubc.ca)
Date: 01/24/04 

Date: Sat, 24 Jan 2004 19:40:05 +0000 (UTC)

cipherguy@37.com (CipherGuy) writes:

]In the market flooded with crypto programs "Good" or "Snake oil" and
]available as Shareware or Freeware, I want to release my product
]in the market. But before I release it, I want to get some queries
]answered from all you experts in order to make it a real thing. But
]let me tell you all before that I have decided to use PGP SDK, for
]my program not to be called a "Snake Oil". I have asked PGP Corp. for
]permission and soon will be purchasing it.

]Here are my queries:

](1) What you expect from a good crypto system,....I mean features
] other than encryption by standard algorithms?

reliability, ease of use, security, speed not in that order.

](2) I will use PGP SDK, but I don't want to disclose the source code,
] since my program will be a combination of many small utilities.

Well, you just threw security out the window. Why should anyone believe
that your product is secure? Any snake-oil salesman can claim security.
How is the user to test that it is secure, that you are believable?

](3) If I get a license of PGP SDK, will I need to apply for license
] for each crypto algorithm, like RSA, Blowfish etc.?

Yes, although the two you mentioned have no IP restrictions except
copyright on specific implimentations.

]Regards,
]CipherGuy.

Loading