[cryptography] Compositing Ciphers?
nico at cryptonector.com
Fri Sep 6 21:24:44 EDT 2013
On Fri, Sep 6, 2013 at 8:05 PM, Jeffrey Walton <noloader at gmail.com> wrote:
> I'm more worried about key exchange or agreement.
The list of things to get right is long. The hardest is getting the
implementation right -- don't do all that work just to succumb to a
remotely exploitable buffer overflow. Next up is physical security.
Then key management. Then all the crypto stuff (ciphers, modes, MACs,
hash functions, ...). Then the RNG.... That's assuming off-the-shelf
And then there's your trusted insiders/counterparties. They are your
biggest risk of all, or possibly second biggest, after plain old
buffer overflows and similar.
More information about the cryptography