RE: [Algorithms] Message signature in token ring
Brought to you by:
vexxed72
Menu
▾
▴
RE: [Algorithms] Message signature in token ring
|
From: Casey M. <gd...@fu...> - 2003-04-17 06:05:07
|
> You're not qualified to verify, prove, proof, or otherwise validate that > it implements the algorithm correctly and *securely* either. Don't extrapolate your own lack of ability to everyone who develops games. It's WELL within the realm of possibility that there are game programmers who would be able to catch exploits in cryptography code. Since we routinely find bugs in everything else, it's only appropriate process for a game developer concerned about security to go through the code carefully and test it thoroughly, instead of just grabbing it and saying "yeah, I'm sure it'll be fine!" Frankly, this is tiresome. My suggested cons (a - you can review the code, b - you can port it, c - it's not part of a package that has been routinely exploited) were simple and valid. You don't have to agree with any of them, but I have no idea why going off on tangents about Sony's lack of libraries or game programmers being lame has anything to do with it. These are pragmatic concerns that the person who asked the question might want to think about before taking the advice of "use the one in the OS". And that's the last you'll hear from me on this topic, because frankly, there are few things I care less about than cryptography. - Casey |
