[Cialug] Complete C source online

Zachary Kotlarek zach at kotlarek.com
Wed Jul 24 14:19:28 CDT 2013


On Jul 24, 2013, at 11:14 AM, Morris Dovey <mrdovey at iedu.com> wrote:

> Hacker Alert!
> I’ve just posted C source for code to provide what I think is fairly robust privacy for computer files at http://www.iedu.com/Documents/Privacy - As shown, the code provides 1024-bit privacy keys which can be increased to whatever level anyone might want.
> For reference, the US government considers 256-bit keys adequate for sensitive information.


I would not recommend the sort of key generation you propose in those documents. The best keys are evenly distributed across the entire key space; the ones you generate with the described method will have significantly less entropy than truly random keys, and will provide effective key lengths quite a bit smaller than the actual key length.

Many (I'd even venture "most") modern motherboards and/or CPUs now have access to genuinely random data (quantum-driven thermal noise, for example) that can be used to create much better keys, and even without genuinely random data there are better techniques available for key generation.

	Zach

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2746 bytes
Desc: not available
URL: <http://cialug.org/pipermail/cialug/attachments/20130724/6581b05a/attachment.bin>


More information about the Cialug mailing list