"You believe that anyone who specifically targets your traffic will know enough to sniff your traffic but won't have enough smarts to use the javascript decryption routine you intend sending to every client. Uh huh."

You're making a poor assumption: that a) the routine is all that's needed to encrypt/decrypt (eg, no seeds/keys) and that b) the key is transmitted.

We don't know what the network situation is, he hasn't told us. As an example, RSA keypairs (server's public, client's private) might be included on an install CD. Then any correspondance using the javascript routine is fine; they can sniff away, and assuming high enough keysizes, well chosen keys, and a lack of quantum computers at hand, the traffic would be safe.

Also, a pet peeve: "You are serious about it so you use HTTPS." HTTPS by itself isn't enough. IE, for example, by default ships with 40-bit encryption. So one can make SSL connections that really aren't strong at all.

Lastly: "You believe that people randomly sniff HTTP traffic, scan for keywords and therefore some trivially reversible encryption offers protection." I don't know... last I heard, that's what Carnivore was supposed to do... so while I don't, for example, encrypt my connection to perlmonks, I certainly do to anything I believe is sensitive. Would AT&T route intranet traffic, unencrypted, through Bell's servers? Hardly! So again, we have the case of "we don't know how it's going to be deployed, and can't answer this." Heck, if I was Bell, and I knew that one of the servers I controlled was on a path between, say, a work-at-home AT&T employee and her office, I'd keyword-parse every byte sent out for "strategic" in a split second.

In reply to Re^2: I need some simple encryption. by danderson
in thread I need some simple encryption. by Cap'n Steve

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.