Re: random, digest, uuid, cipher & Co

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: random, digest, uuid, cipher & Co
From: Mike Pall <mikelu-0504@...>
Date: Sat, 9 Apr 2005 18:05:37 +0200

Hi,

PA wrote:
> This is not strictly speaking a Lua question per se, but rather a 
> request for comment :)

You will get a better response by asking cryptography related
questions on cryptography related mailing list or newsgroups.

> I would like to simulate a public key infrastructure on the cheap for 
> authentication purpose...

This is a perfect recipe for disaster.

> Is such a scheme fatally flawed?

Almost certainly. Designing a proper cryptographic infrastructure
is more than mixing a few standard algorithms. Look at the history
of SSL/TLS or IPsec. Even though these were designed by the best
experts in the field, they got it wrong in the first few iterations.
It took them a decade to get everything 'right' (which may be 'wrong'
tomorrow, when somebody discovers yet another flaw).

> Simple alternatives? Thoughts? Comments?

Don't reinvent the wheel. Use SSL/TLS.

Bye,
     Mike

Follow-Ups:
- Re: random, digest, uuid, cipher & Co, PA

References:
- random, digest, uuid, cipher & Co, PA

Prev by Date: random, digest, uuid, cipher & Co
Next by Date: Re: random, digest, uuid, cipher & Co
Previous by thread: random, digest, uuid, cipher & Co
Next by thread: Re: random, digest, uuid, cipher & Co
Index(es):
- Date
- Thread