[Cryptography Team] DES Plugin Secure?

[Ron Teitelbaum]

Chris,

 

I just tried to use your SecureRandom for my SSL implementation and found
out I needed the DESPlugin.  I found it and everything worked fine, but I
was reminded by your previous comment about there being a potential security
issue for the communication between Smalltalk and the external black box (in
this case the dll).  I also noticed the comments about how slow the
processing would be if the code was implemented in Smalltalk. 

 

So two questions,

 

1)       Do you feel the same way about the DESPlugin being insecure?

2)       Do you believe that a native implementation would be too slow?

 

Ron Teitelbaum

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/cryptography/attachments/20060716/a7d60520/attachment.htm