peter at digitalbrains.com
Wed Oct 15 11:21:18 CEST 2014
On 13/10/14 21:14, Ronald F. Guilmette wrote:
> Mostly I just need
> something that will be simple for me to implement in my program,
> even though I am by no means knowledgable about cryptography
> generally. (Most of what little I do know has been garnered from
> with Wikipedia.)
>From the release announcements of Libgcrypt:
> Thorough understanding of applied cryptography is required for proper
> use Libgcrypt.
(the word "of" seems to be missing)
So you're using the wrong tool for the job. Have you thought about using
off-the-shelf full disk encryption, perhaps restricted to a partition
where the data is stored?
Cryptography is very hard to get right. You shouldn't be designing your
own stuff based on such a low-level library as Libgcrypt; you need a
higher level thing where all the important bits have already been done
That previous paragraph is very important, the most important one of
this mail by a long shot.
> P.S. On my FreeBSD system, un-updated as it may be, there seems
> to be a crypt(3) in the standard C library.
That function is for one use and one use only: password storage and
checking. It just has a misleading name.
> I'm still rather baffled by the meaning of the phrase "designed
> to be time-consuming" in this context.
That is a desirable property in password storage, hence the oddly
looking design choice.
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users