Talk:XTEA Strong Encryption Implementation

From Second Life Wiki
Revision as of 02:38, 20 October 2007 by Thomas Shikami (talk | contribs)
Jump to navigation Jump to search

Discuss amongst yourselves:

From a perspective of security, using the XTEA encryption like this in Electronic CodeBook mode is very insecure. There is no authenticity and patterns could be recognized. I recommend developing at least one of the operation modes like OFB and using that together with XTEA and using a nonce that is used really once for each pass and never used again. Also I recommend using llMD5String to add a hash, that is encrypted together with the data for authentication. A reference can be found at the wikipedia article about Block_cipher_modes_of_operation. Most of time when you are looking for encrytion, you are really looking for authentification of messages. There llMD5String comes in handy. Thomas Shikami 02:38, 20 October 2007 (PDT)