top | item 6950122

(no title)

jbri | 12 years ago

If you want to build new crypto, people would be absolutely happy for you to design and present a new cryptographic scheme - hopefully with some advantages over existing ones. People will analyze it, tell you where the weaknesses are, and if they're not critical flaws you can fix them and come out stronger - and if they are critical flaws, you know your scheme is broken before it's been used for anything important.

Likewise, building a hot new secure messaging app with existing well-analyzed, battle-tested cryptographic schemes is generally going to be welcomed.

If you try to do both at once, you're building your application on shaky, untested cryptographical foundations. Cryptographers would similarly probably warn you not to base your application on a new cipher someone else announced at a cryptography conference last week - give it a bit of time for others to analyze it and spot any flaws it might have before you entrust anything sensitive to it.

discuss

No comments yet.