|
|
|
|
|
|
by dredmorbius
3399 days ago
|
|
|
Cryptographic algorithms are, when they are shown to be better than old algos, better. Many algorithms are shown to be not better than old algos, hence the frequent admonitions (see Schneier for multiple examples) against roll-your-own crypto. I'm trying to remember the name of a much-touted encrypted messaging application being advertised for use by Arab Spring activists which turned out to have massive vulnerabilities. There's a list (which doesn't seem to include the one I'm thinking of) here:
http://www.pcworld.com/article/2843372/popular-messaging-app... The reality is that encryption advocates strongly encourage people to use tried and tested mechanisms. Worse: cryptosystems, inclusive of the algorithm and all the support infrastructure around it are very frequently worse than old systems, and reveal very, very badly broken implementations, sometimes years down the road. https://security.stackexchange.com/questions/18197/why-shoul... ftp://ftp.pgpi.org/pub/pgp/7.0/docs/english/IntroToCrypto.pdf |
|
|