crypto for the average programmer
Steve Furlong
demonfighter at gmail.com
Mon Dec 12 10:40:15 EST 2005
> My question is, what is the layperson supposed to do, if they must use
> crypto and can't use an off-the-shelf product?
When would that be the case?
The only defensible situations I can think of in which a
non-crypto-specialist programmer would need to write crypto routines
would be an uncommon OS or hardware, or a new or rare programming
language which doesn't have libraries available from SourceForge etc.
Or maybe implementing an algorithm that's new enough it doesn't have a
decent free implementation, but I'm not sure such an algorithm should
be used in production code.
Indefensible situations include the programmer wanting to write his
own crypto because it's cool or because he just knows he can do better
than all the specialists (in which case he's too arrogant or ignorant
to benefit from a common gotchas list) or the manager telling the
programmer to implement it himself for some bad reason (in which case
the programmer should explain why that's a bad idea).
--
"Oooh, so Mother Nature needs a favor?! Well maybe she should have
thought of that when she was besetting us with droughts and floods and
poison monkeys! Nature started the fight for survival, and now she
wants to quit because she's losing. Well I say, hard cheese." --
Montgomery Burns
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list