Prev: Gollin Lied, Babies Died
Next: The key to cracking any cipher: Elephant.
From: Ivan Voras on 8 Apr 2010 05:03
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/07/10 23:51, Sal wrote:
> It's called MySecret and it's easier for me to use than GnuPG. I
> typically use only symmetric encryption anyway so GPG is overkill. But
> before I do any major encryption with it I would like to get the
> opinion of some experts. Thanks.
>
> http://www.di-mgt.com.au/mysecret.html

On the other hand, you could just do

openssl bf-cbc < inputfile > outputfile

and be more certain than reimplementing it.

For fancy processing, do e.g.

gzip -c infile | openssl bf-cbc | b64encode - > outfile

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAku9m/QACgkQldnAQVacBcgY5ACg8dq41AjDAGRQvo3Mwy1olSR9
R3oAoI0MjtoKKWadmNal4HTMiTmhuJ3F
=wUCK
-----END PGP SIGNATURE-----
From: Paulo Marques on 8 Apr 2010 08:14
Sal wrote:
> It's called MySecret and it's easier for me to use than GnuPG. I
> typically use only symmetric encryption anyway so GPG is overkill. But
> before I do any major encryption with it I would like to get the
> opinion of some experts. Thanks.
>
> http://www.di-mgt.com.au/mysecret.html

It looks half-way decent at least. The lack of source code makes it
difficult to judge if there was enough care taken about locking and
clearing memory used for sensitive information (password, etc.) and
other details (not to mention malicious backdoors).

Of course, having a symmetric encryption means that your friends that
need to send you encrypted data need to know the same key as you do, and
can decrypt files sent from other users using the same key (or
impersonate you, etc.).

--
Paulo Marques - www.grupopie.com

"All generalizations are false."
From: rossum on 8 Apr 2010 10:58
On Wed, 7 Apr 2010 14:51:08 -0700 (PDT), Sal <here(a)softcom.net> wrote:

>It's called MySecret and it's easier for me to use than GnuPG. I
>typically use only symmetric encryption anyway so GPG is overkill. But
>before I do any major encryption with it I would like to get the
>opinion of some experts. Thanks.
>
>http://www.di-mgt.com.au/mysecret.html

Blowfish Test Vectors are here:
(http://www.schneier.com/code/vectors.txt)

Page linked from here:
(http://www.schneier.com/blowfish.html)
which might have some other useful stuff for you.

rossum

First  |  Prev  | 
Pages: 1 2
Prev: Gollin Lied, Babies Died
Next: The key to cracking any cipher: Elephant.