[Opensource] Strong Encryption
Michael Rimov
rimovm at centercomp.com
Thu Mar 13 09:28:56 PST 2003
At 07:30 PM 3/12/2003 -0800, you wrote:
>1. org.bouncycastle.jce.provider.BouncyCastleProvider() is hardcoded in
>this class. Is this the only provider supported by Expresso?
Yes at this time.
>2. Why was cryptix.jce.provider.CryptixCrypto() replaced?
Cryptix, while a fine library, barely had any development activity for a
long time. Bouncycastle is more feature rich, less bugs, and has a highly
active development community.
>3. Is the Rijndael still the recommend algorithm?
Yes, although you can certainly use Twofish as well. I need to add support
for 3DES too....
>4. What is the max length of the cryptoKey? Will a 400 character key be
>any better then a 100 character key?
Effectively we process about a 160-bit key. [We use SHA to whiten the
passphrase]. So 20 bytes.
Of course, strenth additions to that portion of the code would always be
welcome!
HTH!
-Mike
More information about the Opensource
mailing list