On 1/10/06, Paul Crowley paul@lshift.net wrote:
> I'm going to sound like a curmudgeon when I say this, but I have a real dread of cryptography implemented by those who have read Applied Cryptography, which provides just enough information to be dangerous, and has in practice resulted in many cryptosystems which are buzzword compliant ("256-bit AES!") and dangerously broken.
Err... I hope you dread this kind of crypto less than that written by (lay)people that haven't read the book at all :).
In any case, your point is exactly the point that Schneier makes over and over again - if people ignore that point, they're beyond help.
So if I implement crypto code, I use a) recommended protocols - lots of sound recommendations in the book, and b) test my implementation against an existing implementation (like openssl) with a handful of test messages. So, apart from a description of the protocol followed, I always like to see self-test code with a reference to where the test data was obtained.