Re: [DotGNU]Encryption protocols
From: Rhys Weatherley
Subject: Re: [DotGNU]Encryption protocols
Date: Sun, 9 Mar 2003 20:40:04 +1000
User-agent: KMail/1.4.3

On Sunday 09 March 2003 07:19 pm, Peter Minten wrote:
> I promised on IRC yesterday to look into openssl and which parts of it are
> useful to DotGNU. A quick look revealed that 2 protocols might be very
> useful: RSA and blowfish. RSA is good for the authentication (since it uses
> public and private keys) and blowfish is good for the encryption of
> communication.
This is pretty standard for encrypted channels. The trick is not so much the
algorithms involved (RSA, blowfish, SHA, etc), but the way they are used in
combination. There are ways of using RSA with blowfish, for example, that
can be very insecure if you aren't careful.

A lot of work has gone into SSL/TLS to make sure that the algorithms are used
correctly in combination. It would be very dangerous for DotGNU to make
up a new session protocol. It would be better to use the standard directly.

Pnetlib does currently have implementations of the core algorithms involved
under System.Security.Cryptography. Perhaps someone can take it as an action
item to write an SSL/TLS implementation on top in C#. Or perhaps instead
take an action item to PInvoke-wrap OpenSSL and/or GnuPG for use in C#
applications. The latter is likely to be easier, and less likely to get
wrong, but don't let that stop you. A pure C# implementation would be kind
of cool.

Cheers,

Rhys.