Hacker News
by loup-vaillant 2702 days ago
> this example should come with some caveats listed.

No longer. You would know if you spent 10 hours reviewing Monocypher (which I reckon is not a good use of your time), so it's natural that you don't.

> It is generally considered "best practice" to -not- attempt to roll your own cryptographic system

I am keenly¹, painfully² aware of what it takes to write production grade crypto. And I didn't really roll my own. I only implemented primitives everyone trusts. And I wasn't alone either. I've had lots of reviews, as well as substantial external advice and contributions. That you can confirm by scouring the GitHub repository and the Monocypher website for 15 minutes.

[1]: http://loup-vaillant.fr/articles/rolling-your-own-crypto

[2]: https://monocypher.org/quality-assurance/disclosures

---

With that all said, your overly generic advice sounds like you didn't even click the link… did you?