top | item 46338440

(no title)

blincoln | 2 months ago

I've been assessing systems that use cryptography for about 20 years as part of my work in information security, and I've never seen a customization that increased the security of a cryptographic algorithm over following the best practices.

Usually, non-specialists fiddling with cryptographic algorithms makes them much less secure. Developers who aren't cryptographic mathematicians should generally use a well-respected algorithm, follow current best practices, and treat that component as a magic box that's not to be tampered with.

discuss

No comments yet.