On 12/11/12 7:04 PM, Ed Leafe wrote: > Again, the mathematics of this is way above my understanding. But > that's the point I've been trying to make in this thread: there are people > who devote their entire lives to these concepts. There is no way that you or > I in a matter of a few hours will be able to outsmart them. And these aren't > just normal people, BTW. Since the stakes are so high when it comes to > security, these are the cream of the crop of PhDs in mathematics who are > being paid incredible sums of money to stay ahead of the bad guys, who are > paying incredible sums of money to other equally exceptional PhDs to defeat > the security experts. Anyone who thinks that in their spare time they can > come up with something that will be secure is truly delusional.
This is very true and I agree that we should use generally-accepted practices and available libraries rather than reinventing the wheel all the time. However there is always part of me that is reluctant to trust or recommend something that I can't explain, but then again if trial and error seems to pan out over time, I tend to come around eventually. What if every site on the web came to use this algorithm, and a major flaw was discovered in 5 years? Paul _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://mail.leafe.com/mailman/listinfo/profox OT-free version of this list: http://mail.leafe.com/mailman/listinfo/profoxtech Searchable Archive: http://leafe.com/archives/search/profox This message: http://leafe.com/archives/byMID/profox/[email protected] ** All postings, unless explicitly stated otherwise, are the opinions of the author, and do not constitute legal or medical advice. This statement is added to the messages for those lawyers who are too stupid to see the obvious.
