I like RC4 but a quick search on how secure RC4 is comes back with enough negatives that I suspect my customer will be put off: http://en.wikipedia.org/wiki/RC4_cipher http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html We are not using wireless and I think a symmetric key is fine. If I could get a hold of some open source AES or 3DES code, I could show my customer the performance compared to RC4. As for a dynamic key - I guess I could generate a new key every time I synchronise. Anyone got any advice or code for generating a key?
Colin -----Original Message----- From: Aaron Ardiri [mailto:[EMAIL PROTECTED] Sent: 03 March 2004 08:59 To: Palm Developer Forum Subject: Re: encryption/decryption Palm Database > I need to encrypt/decrypt data for my project too, although I do not > need to sort it while it is encrypted. I found some code on the archive > that uses the RC4 algorithm (posted by Alan Ingleby) but my customer > does not think RC4 is secure enough. Has anyone written code for AES > or 3-DES that they are willing to share? RC4 is pretty good, a good implementation uses a dynamic key. the only problem (but, also a benefit) is that it is symmetric. you use the same key to decrypt and encrypt. but, if thats not sufficient, you should look at a public/private key system :) and, that stuff is very computational intensive. OS5 CPM libaries have routines to verify RSA signing, but nothing there for doing encryption/decryption yet. --- Aaron Ardiri PalmOS Certified Developer [EMAIL PROTECTED] http://www.mobilewizardry.com/members/aaron_ardiri.php -- For information on using the Palm Developer Forums, or to unsubscribe, please see http://www.palmos.com/dev/support/forums/ -- For information on using the Palm Developer Forums, or to unsubscribe, please see http://www.palmos.com/dev/support/forums/
