[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: aes encryption
- From: Phoenix Sol <phoenix@...>
- Date: Wed, 30 Dec 2009 18:55:21 -0600
Who cares if there is recent activity, AES won't change, right?
libtomcrypt has a good rep in the community, it may be that Tom has
moved on to other things, graduation and getting a paying job can do
that to your projects!
> I'm also not sure about using OpenSSL for this purpose, although it doesWhy not? OpenSSL is what to use if you want speed and portability.
> have the cipher I want to use.
Very well respected, the API is a bit old and hoary, but such is the
price of being the granddaddy of crypto libraries.
Perhaps "granddaddy" is "my man". I was just intimidated by the size and scope of the project, and (admittedly at a glance) it's apparent dearth of documentation / examples for my intended usage.
> What I would prefer is a small C library that does only what is needed. I'dIf you want small, and don't care about fast, its not hard to find
> just use a straight Rijndael cipher implemented in C, but I'm doubtful of my
> ability to do it correctly and safely.
open source implementations:
Yeah, I see them. Especially the ones linked to by that wikipedia entry. I feel ill equipped to evaluate, let alone make use of them.
I feel compelled to say, that unless you know crypto very well, its
very possible to use AES in a system in a way that a good
cryptographer would not find secure. You might consider using gpg or
pgp or s/mime (via GNU Privacy Guard or OpenSSL).
Yeah. That's what I'm primarily worried about.
Btw, what about this thing: http://www.gammon.com.au/forum/?id=4988