crypto class design

Stephan Neuhaus neuhaus at
Wed Dec 19 06:13:23 EST 2007

On Dec 17, 2007, at 17:38, travis+ml-cryptography at  

> So... supposing I was going to design a crypto library for use within
> a financial organization, which mostly deals with credit card numbers
> and bank accounts, and wanted to create an API for use by developers,
> does anyone have any advice on it?

The one thing that I think is most important is not to use the "bunch  
of functions" approach, but rather an integrated approach that  
directly supports the use cases and protects against misuse.

> Intend to skim the OpenSSL design and Gutmann's "Design of a
> Cryptographic Security Architecture" for ideas.

There you have examples of both approaches.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list