By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
439,986 Members | 1,583 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 439,986 IT Pros & Developers. It's quick & easy.

Help needed in choosing an algorithm for Cryptographic services.

P: n/a
Hi group, recently my employer asked me too implement encryption/
decryption for secure data transfer over internet. Problem is that the
client application is written using C# and the webserver where i need
to store the information is developed using python.

My situation of dilemma is which cryptographic method suits me best
for this purpose.

Help/Suggestions are urgently required

Thank you ,
Abhishek
Jun 27 '08 #1
Share this Question
Share on Google+
4 Replies


P: n/a
abhishek wrote:
Hi group, recently my employer asked me too implement encryption/
decryption for secure data transfer over internet. Problem is that the
client application is written using C# and the webserver where i need
to store the information is developed using python.

My situation of dilemma is which cryptographic method suits me best
for this purpose.

Help/Suggestions are urgently required

Thank you ,
Abhishek
Languages don't have anything to do with "what is best method". It depends
on your application requirements. If all you want is secure data "transfer"
just use SSL to encrypt the information while being transmitted. If you wish
to have the data "stored encrypted" look into PGP.

-Larry
Jun 27 '08 #2

P: n/a
On Thu, 29 May 2008 20:27:35 -0500, Larry Bates wrote:
abhishek wrote:
>Hi group, recently my employer asked me too implement encryption/
decryption for secure data transfer over internet. Problem is that the
client application is written using C# and the webserver where i need
to store the information is developed using python.

My situation of dilemma is which cryptographic method suits me best
for this purpose.

Help/Suggestions are urgently required
The proper newsgroup for this question is sci.crypt.

Data security is a complex and difficult problem, and you are likely
to fail in the worst possible way: implementing something that is
weak but that you believe to be strong. Some advice: (1) Use
off-the-shelf products like PGP or GPG; don't write your own.
(2) Read Bruce Schneier's Applied Cryptography to get a feeling
for the dimensions of the problem. (3) Start by composing a
clear statement of what you need, avoiding vague terms like
"security". If you don't know where you're going, you can't
tell whether you've arrived.

--
To email me, substitute nowhere->spamcop, invalid->net.
Jun 27 '08 #3

P: n/a
abhishek <gu***************@gmail.comwrites:
Hi group, recently my employer asked me too implement encryption/
decryption for secure data transfer over internet. Problem is that the
client application is written using C# and the webserver where i need
to store the information is developed using python.
Use one of the SSL wrappers. Note that if you're using a recent
Debian distro, make sure to take the latest OpenSSL update since they
had an unbelievably bad screwup that destroyed their versions of
OpenSSL's security for a while. That applies to all Debian based
distros including Ubuntu, but not to non-Debian derivatives such as
Fedora.
Jun 27 '08 #4

P: n/a
[ Peter Pearson <pp******@nowhere.invalid]
On Thu, 29 May 2008 20:27:35 -0500, Larry Bates wrote:
>abhishek wrote:
>>Hi group, recently my employer asked me too implement encryption/
decryption for secure data transfer over internet. Problem is that the
client application is written using C# and the webserver where i need
to store the information is developed using python.

My situation of dilemma is which cryptographic method suits me best
for this purpose.

Help/Suggestions are urgently required
Data security is a complex and difficult problem, and you are likely
to fail in the worst possible way: implementing something that is
weak but that you believe to be strong. Some advice: (1) Use
off-the-shelf products like PGP or GPG; don't write your own.
full ack.
(2) Read Bruce Schneier's Applied Cryptography to get a feeling
for the dimensions of the problem.
While this book is most certainly worth reading, I doubt, that it is
necessary to gain in-depth knowledge of cryptography to make use of it in
your code.

If you transfer data over SSL-connection, you should rely on them being
safe, you don't need to understand the details. You only need to know,
what SSL can protect against, and what it can't protect against.

--
Freedom is always the freedom of dissenters.
(Rosa Luxemburg)
Jun 27 '08 #5

This discussion thread is closed

Replies have been disabled for this discussion.