Paul, If you, as you say, "do not have much experience in breaking/testing encryption or the details of modern methods", I must assume that you are not, in fact a professional cryptographer. (That's okay! Neither am I!) That being the case, I must ask you to PLEASE, PLEASE, PLEASE not implement any sort of cryptographic solution yourself. ESPECIALLY if it is intended to be used "under circumstances that the senders life may depend on it being secure." It is really easy to get crypto wrong and fairly challenging to get it right. Here is an entertaining article illustrating my point: http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html
The best solution for you here is to explain the problem clearly and the threats that are faced by your end users to someone who is very smart about cryptography and security (preferably someone much smarter about it than myself), and have them help you come up with an already existing solution. Good luck! Cooper Quintin PGP Key ID: 75FB 9347 FA4B 22A0 5068 080B D0EA 7B6F F0AF E2CA On 01/28/2013 07:18 AM, Yosem Companys wrote: > From: *Paul Christian* <[email protected] <mailto:[email protected]>> > To: [email protected] <mailto:[email protected]> > > Hi Folks, > > I am new to the list and have in interest in encryption, but not much > experiance in breaking/testing or a details understanding of modern methods. > > I am interested in developing some technology to allow a user to > communicate as securly as possible between a termial on an unsecure > network and another users. > > ie encrypted message from browser to user on another computer. Under > circumstances that the senders life may depend on it being secure. > > I have a few ideas in mind, but two important questions; > > is it worth while? - is ssl good enough? ( it doesn't seem to be from my > reading) > > Anyone want to try and decode/break it once I have a demonstrator? > > Thanks, > > Paul > > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
