RE: [Algorithms] Message signature in token ring
Brought to you by:
vexxed72
From: Brian H. <ho...@py...> - 2003-04-17 06:30:37
|
>You're not qualified to verify, prove, proof, or otherwise= validate >that it implements the algorithm correctly and *securely*= either. Which is completely irrelevant. The point is that SOMEONE is qualified, and if that code is not available for review, then NO= ONE except the people that wrote it in the first place are going to= even have that option. With the sheer number of exploits found in Windows on a routine basis, I think the leeriness presented here is completely= rational. >There are other problems than the core algorithm. Of course there are. But not having that or its implementation exposed IS a problem. >It's true that platforms like PS2 present an issue, if Sony did= not >think to provide standard libraries. Which, of course, still doesn't solve an interoperability= problems. The best, non-crypto example of this is DirectPlay, which is= pretty much laughed at by most serious network game programmers I know,= is a complete nightmare when porting to non-Microsoft platforms, and= which is generally only defended by the people that worked on it, who= do a bunch of hand waving and make statements like "A lot of people= have spent a lot more time looking at this problem than you have, and= there's no way you can do better". Yet game programmers do. Go figure. >My major point was not to roll your own unless you absolutely= have >to. It's pretty clear you can go both ways on this issue. I cannot recommend hardware mixing in DirectSound to anyone, yet it seems= that it is often suggested as the right thing to do because, hey,= "they" are going to get it right more often than the lowly game= programmer. >I also pointed out that for many applications there is= perfectly >good OS code available which will do the job. The problem, again, is who says it's "perfect good"? Shall we do= a laundry list of Windows APIs that flat out have historically just= sucked? To be fair, we can also include the CRTL and Unix APIs= if you'd like, the point being that just because something is= "standard" or part of the operating system does not automatically make it= good or better than rolling your own solution. >library deficient. That doesn't invalidate the sense of using= the >provided libraries on Windows if you are not deploying on PS2. IF there is a high likelihood that the Windows implementation is= better than your own attempts and IF you don't care about= portability to other systems (Linux dedicated servers; Sun Ultra clusters;= etc.) then sure, it might make sense. But not always. -Hook |