Difference between revisions of "Talk:XTEA Strong Encryption Implementation"
Morse Dillon (talk | contribs) |
|||
Line 1: | Line 1: | ||
Discuss amongst yourselves: | Discuss amongst yourselves: | ||
From a perspective of security, using the XTEA encryption like this in Electronic CodeBook mode is very insecure. There is no authenticity and patterns could be recognized. I recommend developing at least one of the operation modes like OFB and using that together with XTEA and using a nonce that is used really once for each pass and never used again. Also I recommend using [[llMD5String]] to add a hash, that is encrypted together with the data for authentication. A reference can be found at the wikipedia article about [http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation Block_cipher_modes_of_operation]. Most of time when you are looking for encrytion, you are really looking for authentification of messages. There llMD5String comes in handy. [[User:Thomas Shikami|Thomas Shikami]] 02:38, 20 October 2007 (PDT) |
Revision as of 01:38, 20 October 2007
Discuss amongst yourselves:
From a perspective of security, using the XTEA encryption like this in Electronic CodeBook mode is very insecure. There is no authenticity and patterns could be recognized. I recommend developing at least one of the operation modes like OFB and using that together with XTEA and using a nonce that is used really once for each pass and never used again. Also I recommend using llMD5String to add a hash, that is encrypted together with the data for authentication. A reference can be found at the wikipedia article about Block_cipher_modes_of_operation. Most of time when you are looking for encrytion, you are really looking for authentification of messages. There llMD5String comes in handy. Thomas Shikami 02:38, 20 October 2007 (PDT)