Re: xtea vc++ code


Tom St Denis wrote:
louloizi...@xxxxxxxxx wrote:
Thanks for all the good info. As far as keeping the key secret with
javascript, I'm thinking that the key will be based on a password.
Maybe I'll combine that with some other key that'll be randomly
generated during each session. Keep in mind that this is just to send
one piece of data. After that the key will be destroyed and it won't be
valid anymore.

Don't top post.

A: It's annoying.
Q: Why not?

Also, why are you just not using TLS? e.g. OpenSSL and mod_ssl [etc].

CGI script + https website == better than homebrew abomination of
crypto.

Tom

Sorry about that. I don't use Usenet too often (although I'm finding
that I probably should be). As far as the OpenSSL, wouldn't I still
need to get a certificate? I'm lacking the funds right now. Also, I
don't want to bog down my server too much. This is for an AJAX based
XML app, so it's already making a ton of HTTP requests as it is. Prior
to checking out AES, though, the only thing I'd used was TEA. I didn't
realize how many AES resources there were out there. Shouldn't be too
tough. Although I suppose I should read a book on encryption methods
because I'm not too knowledgeable in the subject.

.