[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: [OT] Security in scripting languages
- From: Diego Fernandes Nehab <diego@<a href="/cgi-bin/echo.cgi?tecgraf.puc-rio.br">...</a>>
- Date: Fri, 15 Feb 2002 16:15:12 -0200 (BRST)
As Vincent said, the security of an encryption algorithm must not be on
the algorithm itself, but only on the secret key it uses to create the
encrypted data from the plain text. Otherwise, once someone decides to
waste a few hours to unassemble your algorithm, all the data you
encrypted with it can suddenly be revealed for ever!
There is the md5 library available from
This is a well known algorithm that should be more than enough for your
Because it is a known algorithm, you know that a lot of people, some
with a lot of money and wits to spend, have tried to crack it. Since it
is open source, others can check its implementation and make sure there
are no flaws.
This is the power of open-source. :-)