Re: My Problem - Hash - Encryption - Number - Public Key - Assymetric
From: Tom St Denis (tom_at_securescience.net)
Date: 06/30/04
- Next message: Michael Amling: "Re: My Problem - Hash - Encryption - Number - Public Key - Assymetric"
- Previous message: Tom St Denis: "Re: Beginner Qn: Encrypting small data"
- In reply to: Ad Rock: "My Problem - Hash - Encryption - Number - Public Key - Assymetric"
- Next in thread: Michael Amling: "Re: My Problem - Hash - Encryption - Number - Public Key - Assymetric"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 30 Jun 2004 15:17:54 GMT
Ad Rock wrote:
> Hello,
>
> I have the following problem. I've written an app. The app generates a
> number. The user has to send that number back to me via email. The user
> is allowed to see that number. So, that number must be signed by my app
> in some way, it doesn't have to be encrypted.
>
> Working with Public Key/Private Key encryption methods such as RSA would
> probably be the best thing to do, BUT, I searched the Internet for very
> easy intuitive plain simple no-hassle straight-forward C libraries, but
> I can't find one. I know about BeeCrypt, Crypto++ and a lot of others,
> but no, ... I want something like:
>
> char *p = create_public_key();
> char *q = create_private_key();
What? No key sizes? No PRNG setup? No error codes?
> char *encrypted_message = encrypt(message, p);
> char *decrypted_message = decrypt(encrypted_message, q);
>
> THAT easy. Is there really not a library available in the PULBIC DOMAIN
> (free for commercial use) that is so easy to use? I also looked at
> GnuPG. Noooooooo...
I agree that GnuPG and OpenSSL are nightmares. They are not general crypto
kits though which is part of the reason they are hacked together.
> But maybe assymetric encryption is not necessary in this case? Because
> working with public and private keys is not that user friendly. If I
> would have to use some sort of public key, it would want it to be only 4
> digits long (or maybe 7...).
Maybe you should start with a problem statement then work out from there
instead of trying to find solutions and figure a problem they solve that is
to your liking?
> I read a bit on sci.crypt and everyone seems to agree that keeping the
> algorithm secret is not a good protection. So, inventing my own
> encryption method is not the way to go. Is it really that simple to
> crack a homebrown encryption method from assembly language?
If it's worth enough. Yes. Good crypto libraries are out there. But the
library is only part of the equation. It's how you put it to use [and your
users, and etc...] that make a secure system.
I wouldn't look for one kit that "handles all security aspects for me" cuz
likely it's not a well written kit [or comes from RSA... hehehe BSAFE
sux!].
> What can I do? Write my own RSA lib?
Definitely a good route if you want to learn stuff. Not so smart if you
want to field stuff.
Good luck and may the sun shine on all of your work.
Tom
- Next message: Michael Amling: "Re: My Problem - Hash - Encryption - Number - Public Key - Assymetric"
- Previous message: Tom St Denis: "Re: Beginner Qn: Encrypting small data"
- In reply to: Ad Rock: "My Problem - Hash - Encryption - Number - Public Key - Assymetric"
- Next in thread: Michael Amling: "Re: My Problem - Hash - Encryption - Number - Public Key - Assymetric"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
