Re (tilly) 1: CipherText

This is a note to anyone tempted to use this code.

Good encryption algorithms are surprisingly hard to write, and very hard to verify. While rolling by hand is in general not good practice, rolling your own encryption algorithm is just plain stupid when so many good ones are publically available.

The above is particularly bad. This is just an xor. The only things notable about using xor is how often people make that mistake, and how often cryptographers mention that it is insecure. Pick up Applied Cryptography if you are curious how to crack it.

Needless to say, I voted -- on this node.

Comment on Re (tilly) 1: CipherText

Replies are listed 'Best First'.
Re: Re (boo) 1: CipherText by boo_radley (Parson) on Feb 08, 2001 at 19:05 UTC
Tilly's advice is very true -- some other programming community websites that I visit have "encryption" code sections. Most code offerings have one of three themes. Code that produces a cyphered text, takes negligible time to brute force. Code that produces a cyphered text, takes negligible time to brute force, won't decrypt own cypher. Caesar cyphers. If you feel the need to try your hand at encryption, try one of the better documented, free (speech) algorithms : blowfish. Source code (in C and visual basic) is present, as well as a white paper describing the algoritm. There's even a set of test data to verify your implementation's correctness. Again, writing good encryption is sticky stuff -- especially when TASMWTODI, including blowfish (and even an all-perl version). So, unless you have a wild encryption itch to scratch, I'd suggest one of these existing modules. update : Level II encryption??? what's level I? ;-)	[reply]
A reply falls below the community's threshold of quality. You may see it by logging in.
A reply falls below the community's threshold of quality. You may see it by logging in.