On 13/10/14 21:14, Ronald F. Guilmette wrote: > Mostly I just need > something that will be simple for me to implement in my program, > even though I am by no means knowledgable about cryptography > generally. (Most of what little I do know has been garnered from > with Wikipedia.)
>From the release announcements of Libgcrypt: > Thorough understanding of applied cryptography is required for proper > use Libgcrypt. (the word "of" seems to be missing) So you're using the wrong tool for the job. Have you thought about using off-the-shelf full disk encryption, perhaps restricted to a partition where the data is stored? Cryptography is very hard to get right. You shouldn't be designing your own stuff based on such a low-level library as Libgcrypt; you need a higher level thing where all the important bits have already been done for you. That previous paragraph is very important, the most important one of this mail by a long shot. > P.S. On my FreeBSD system, un-updated as it may be, there seems > to be a crypt(3) in the standard C library. That function is for one use and one use only: password storage and checking. It just has a misleading name. > I'm still rather baffled by the meaning of the phrase "designed > to be time-consuming" in this context. That is a desirable property in password storage, hence the oddly looking design choice. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
