Re: Insecure cryptographic algorithms to avoid using?



"ykgoh" <gohyongkwang@xxxxxxxxxxx> writes:
First of all, I'm not a cryptography researcher, just a developer who
needs encryption for my software, so I figured the best way would be to
rely on a well-tested algorithm that has been scrutinized and tested by
experts. btw, I'm not protecting national security secrets, just to
encrypt some user passwords.

What is the application, and what language are you writing in? For
example, do you mean you want to encrypt your own passwords on your
PC, so you can decrypt them to log into remote web sites? Or are you
running a server where you want to authenticate user logins? The
approaches you need depend a lot on what you're trying to do.

As for algorithms: stick with standard ones, which mainly means AES
and SHA.
.