lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Who cares if there is recent activity, AES won't change, right?

libtomcrypt has a good rep in the community, it may be that Tom has
moved on to other things, graduation and getting a paying job can do
that to your projects!

Good points.

> I'm also not sure about using OpenSSL for this purpose, although it does
> have the cipher I want to use.

Why not? OpenSSL is what to use if you want speed and portability.
Very well respected, the API is a bit old and hoary, but such is the
price of being the granddaddy of crypto libraries.

Perhaps "granddaddy" is "my man". I was just intimidated by the size and scope of the project, and (admittedly at a glance) it's apparent dearth of documentation / examples for my intended usage.
> What I would prefer is a small C library that does only what is needed. I'd
> just use a straight Rijndael cipher implemented in C, but I'm doubtful of my
> ability to do it correctly and safely.

If you want small, and don't care about fast, its not hard to find
open source implementations:

Yeah, I see them. Especially the ones linked to by that wikipedia entry. I feel ill equipped to evaluate, let alone make use of them.
I feel compelled to say, that unless you know crypto very well, its
very possible to use AES in a system in a way that a good
cryptographer would not find secure. You might consider using gpg or
pgp or s/mime (via GNU Privacy Guard or OpenSSL).

Yeah. That's what I'm primarily worried about.


Thanks, Sam.

Btw, what about this thing: