crypto class design
Stephan Neuhaus
neuhaus at st.cs.uni-sb.de
Wed Dec 19 06:13:23 EST 2007
On Dec 17, 2007, at 17:38, travis+ml-cryptography at subspacefield.org
wrote:
> So... supposing I was going to design a crypto library for use within
> a financial organization, which mostly deals with credit card numbers
> and bank accounts, and wanted to create an API for use by developers,
> does anyone have any advice on it?
The one thing that I think is most important is not to use the "bunch
of functions" approach, but rather an integrated approach that
directly supports the use cases and protects against misuse.
> Intend to skim the OpenSSL design and Gutmann's "Design of a
> Cryptographic Security Architecture" for ideas.
There you have examples of both approaches.
Fun,
Stephan
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list