Libcrypt examples?

[Peter Lebbing]

On 13/10/14 21:14, Ronald F. Guilmette wrote:
> Mostly I just need
> something that will be simple for me to implement in my program,
> even though I am by no means knowledgable about cryptography
> generally.  (Most of what little I do know has been garnered from
> with Wikipedia.)

>From the release announcements of Libgcrypt:

> Thorough understanding of applied cryptography is required for proper
> use Libgcrypt.

(the word "of" seems to be missing)

So you're using the wrong tool for the job. Have you thought about using
off-the-shelf full disk encryption, perhaps restricted to a partition
where the data is stored?

Cryptography is very hard to get right. You shouldn't be designing your
own stuff based on such a low-level library as Libgcrypt; you need a
higher level thing where all the important bits have already been done
for you.

That previous paragraph is very important, the most important one of
this mail by a long shot.

> P.S.  On my FreeBSD system, un-updated as it may be, there seems
> to be a crypt(3) in the standard C library.

That function is for one use and one use only: password storage and
checking. It just has a misleading name.

> I'm still rather baffled by the meaning of the phrase "designed
> to be time-consuming" in this context.

That is a desirable property in password storage, hence the oddly
looking design choice.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>