Re: crypto for the average programmer

2005-12-27 Thread Ben Laurie
Jack Lloyd wrote: On Fri, Dec 16, 2005 at 05:41:48PM +, Ben Laurie wrote: No, OpenSSL is self-contained. There is, IIRC, an engine that uses GMP if you want, but its entirely optional; OpenSSL has its own bignum implementation that's just as good. Last I checked, public key operations

Re: crypto for the average programmer

2005-12-27 Thread Jack Lloyd
On Tue, Dec 27, 2005 at 02:28:07PM +, Ben Laurie wrote: Apparently this rather depends on platform and compiler options. I am reliably informed that GMP is not always faster. For those that really care it'd be cool if someone did a careful comparison. It would also be interesting to

Re: crypto for the average programmer

2005-12-19 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Sun, 18 Dec 2005 21:56:11 -0600, Travis H. [EMAIL PROTECTED] said: solinym Anytime someone wants to rewrite a C library in a language solinym less prone to buffer overflows, I'm totally for it. Some say solinym that it's not the library, it's the programmer, but

Re: crypto for the average programmer

2005-12-19 Thread Travis H.
On 12/19/05, Richard Levitte - VMS Whacker [EMAIL PROTECTED] wrote: C has three really strong points: - portability. It's one of the most wide-spread and portable compiled languages that I know of. I beg your pardon? If I want to store 128 bits of information, and access the 8 most

Re: crypto for the average programmer

2005-12-19 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Mon, 19 Dec 2005 01:19:37 -0600, Travis H. [EMAIL PROTECTED] said: solinym On 12/19/05, Richard Levitte - VMS Whacker [EMAIL PROTECTED] wrote: solinym C has three really strong points: solinym solinym - portability. It's one of the most wide-spread and

Re: crypto for the average programmer

2005-12-19 Thread Travis H.
On 12/19/05, Richard Levitte - VMS Whacker [EMAIL PROTECTED] wrote: unsigned char foo[8]; (no, it isn't fool proof, but close enough after 1 second of thought). I think C guarantees that a char is a byte, but exactly how wide that is is processor-dependent. IIRC, some of the machines it was

Re: crypto for the average programmer

2005-12-19 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Mon, 19 Dec 2005 03:12:16 -0600, Travis H. [EMAIL PROTECTED] said: solinym On 12/19/05, Richard Levitte - VMS Whacker [EMAIL PROTECTED] wrote: solinym unsigned char foo[8]; solinym solinym (no, it isn't fool proof, but close enough after 1 second solinym of

Re: crypto for the average programmer

2005-12-18 Thread Bill Stewart
At 03:34 PM 12/14/2005, [EMAIL PROTECTED] wrote: An application programmer who is using PKCS1 doesn't even need to know the small amount of ASN.1 in the spec... libraries that implement RSA PKCS1 take care of the ASN.1 for the programmer. This is in fact one reason that ASN.1 exploits have

Re: crypto for the average programmer

2005-12-18 Thread Travis H.
Anytime someone wants to rewrite a C library in a language less prone to buffer overflows, I'm totally for it. Some say that it's not the library, it's the programmer, but I think that denies human factors. C simply requires too much machinery on top of it to use it securely. It is possible to

Re: crypto for the average programmer

2005-12-17 Thread Jack Lloyd
On Fri, Dec 16, 2005 at 05:41:48PM +, Ben Laurie wrote: No, OpenSSL is self-contained. There is, IIRC, an engine that uses GMP if you want, but its entirely optional; OpenSSL has its own bignum implementation that's just as good. Last I checked, public key operations in OpenSSL were

Re: crypto for the average programmer

2005-12-16 Thread Ben Laurie
[EMAIL PROTECTED] wrote: On Mon, 12 Dec 2005, Steve Furlong wrote: | My question is, what is the layperson supposed to do, if they must use | crypto and can't use an off-the-shelf product? | | When would that be the case? | | The only defensible situations I can think of in which a |

Re: crypto for the average programmer

2005-12-16 Thread Ben Laurie
[EMAIL PROTECTED] wrote: | | My question is, what is the layperson supposed to do, if they must use | | crypto and can't use an off-the-shelf product? | | | | When would that be the case? | | | | The only defensible situations I can think of in which a | | non-crypto-specialist

Re: crypto for the average programmer

2005-12-14 Thread Peter Gutmann
Travis H. [EMAIL PROTECTED] writes: In Peter Gutmann's godzilla cryptography tutorial, he has some really good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal. I learned a few no-nos, such as not sending the same message to 3 seperate users in RSA (if using 3 as an encryption

Re: crypto for the average programmer

2005-12-14 Thread Travis H.
On 12/14/05, Peter Gutmann [EMAIL PROTECTED] wrote: I don't know if there's any site tracking this, but (as the tutorial says) you can either go with PKCS #1 (the de facto standard, easy to implement and widely used) ... Actually, I'm embarassed to admit this but I've seen PKCS before but

RE: crypto for the average programmer

2005-12-14 Thread Whyte, William
On 12/14/05, Peter Gutmann [EMAIL PROTECTED] wrote: I don't know if there's any site tracking this, but (as the tutorial says) you can either go with PKCS #1 (the de facto standard, easy to implement and widely used) ... Actually, I'm embarassed to admit this but I've seen PKCS

crypto for the average programmer

2005-12-12 Thread Travis H.
In Peter Gutmann's godzilla cryptography tutorial, he has some really good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal. I learned a few no-nos, such as not sending the same message to 3 seperate users in RSA (if using 3 as an encryption exponent). My question is, what is the

Re: crypto for the average programmer

2005-12-12 Thread Steve Furlong
My question is, what is the layperson supposed to do, if they must use crypto and can't use an off-the-shelf product? When would that be the case? The only defensible situations I can think of in which a non-crypto-specialist programmer would need to write crypto routines would be an uncommon

RE: crypto for the average programmer

2005-12-12 Thread Whyte, William
In Peter Gutmann's godzilla cryptography tutorial, he has some really good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal. I learned a few no-nos, such as not sending the same message to 3 seperate users in RSA (if using 3 as an encryption exponent). My question is, what

RE: crypto for the average programmer

2005-12-12 Thread Whyte, William
NIST, in its series of FIPS standards and Special Publications, has defined federal standards for digital signatures and modes of operation for symmetric ciphers, and is moving towards standardizing key exchange mechanisms based on public key algorithms. Those standards are also free, though

Re: crypto for the average programmer

2005-12-12 Thread Alexander Klimov
On Mon, 12 Dec 2005, Travis H. wrote: In Peter Gutmann's godzilla cryptography tutorial, he has some really good (though terse) advice on subtle gotchas in using DH/RSA/Elgamal. I learned a few no-nos, such as not sending the same message to 3 seperate users in RSA (if using 3 as an encryption

Re: crypto for the average programmer

2005-12-12 Thread James A. Donald
Date sent: Mon, 12 Dec 2005 00:41:13 -0600 From: Travis H. [EMAIL PROTECTED] To: cryptography@metzdowd.com Subject:crypto for the average programmer In Peter Gutmann's godzilla cryptography tutorial, he has some really good

RE: crypto for the average programmer

2005-12-12 Thread James A. Donald
-- From: Whyte, William [EMAIL PROTECTED] Check the standards. The RSA PKCS#1 standard, which are free, describe how to do RSA securely and summarize known security results. http://www.rsasecurity.com/rsalabs/node.asp?id=2124. Don't use PKCS#3-style Diffie Hellman; it's been

Re: crypto for the average programmer

2005-12-12 Thread leichter_jerrold
On Mon, 12 Dec 2005, Steve Furlong wrote: | My question is, what is the layperson supposed to do, if they must use | crypto and can't use an off-the-shelf product? | | When would that be the case? | | The only defensible situations I can think of in which a | non-crypto-specialist programmer