>Do you *really* use SHA-1 for *encryption* - or was that just a typo and >you're actually using it just for hashing?
just for hashing. -- Scott Erickson Software Development Team, FB-4, Inc. [EMAIL PROTECTED] "Dr. Vesselin Bontchev" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Do you *really* use SHA-1 for *encryption* - or was that just a typo and > you're actually using it just for hashing? > > If you indeed want to use it for encryption, you'll have to implement the > cypher yourself; the implementation at the above URL contains only the > hash function. > > If you have to implement a cypher yourself, I strongly recommend that you > consult some professional source. Getting a cypher right is tricky - there > are all sorts of pitfals and you could easily make serious errors if you > have no background in cryptography. There have been multiple cases in the > past when the SSL implementation in various Web browsers was insecure and > allowed the key to be guessed - usually because of a bad random number > generator. > > Of course, whether all this is worth the effort depends on how important > is for the cypher to be secure and what kind of attackers it is supposed > to thwart. > > Regards, > Vesselin > -- For information on using the PalmSource Developer Forums, or to unsubscribe, please see http://www.palmos.com/dev/support/forums/
