[Cryptography Team] Re: KryptOn MakoEnvelope
signedAndSealedFrom:to:object:
Cees De Groot
cdegroot at gmail.com
Tue Jan 10 15:30:47 CET 2006
On 1/10/06, Paul Crowley <paul at lshift.net> wrote:
> I'm going to sound like a curmudgeon when I say this, but I have a real
> dread of cryptography implemented by those who have read Applied
> Cryptography, which provides just enough information to be dangerous,
> and has in practice resulted in many cryptosystems which are buzzword
> compliant ("256-bit AES!") and dangerously broken.
>
Err... I hope you dread this kind of crypto less than that written by
(lay)people that haven't read the book at all :).
In any case, your point is exactly the point that Schneier makes over
and over again - if people ignore that point, they're beyond help.
So if I implement crypto code, I use a) recommended protocols - lots
of sound recommendations in the book, and b) test my implementation
against an existing implementation (like openssl) with a handful of
test messages. So, apart from a description of the protocol followed,
I always like to see self-test code with a reference to where the test
data was obtained.
More information about the Cryptography
mailing list