The D/H is going to be used just to generate a key to securely transfer a 4096 bit key for use in symmetrical crypto routines later in the program,
You want to use a 4096-bit key for SYMMETRICAL crypto? Hello? Not only I don't know of ANY symmetrical algorithm with such a key, but why on Earth would you need it for? What attack do you know against a 128-bit or even 256-bit key that doesn't work against a 4096-bit one?
for actual encryption of the chat/voice/file data transfers. Using 1024 bits of D/H is fine to generate a key-encryption key to just transfer the 4096bit key. I chose 4096 because it's large enough to be used in any symmetric crypto algorithm to max out it's key length.
What symmetric crypto algorithm is that?
The bigger risk, though, is the quality of random numbers available for seeding your DH keys. Don't even DREAM of using Delphi's builtins, if it has them - go find good crypto-quality-randomness work to reuse, unless you know you'll only run on Linux where there's /dev/random. At least use sound-card noise or user-entered mouse tracks to help. Lots of "secure" systems have been cracked by cracking their random seeds.
Of course. ;)
Did I mention that I wrote a Yarrow implementation in Delphi? <g> It passes DIEHARD, but it hasn't been otherwise checked. [Public domain, btw.]
First, It's GPL'd, or under a modified version of the GPL. I find the GPL to be distasteful and it forms a barrier more than a bridge to continued software development.
I like this guy :) [All my code is public domain, but I hate the GPL for *forcing* people to share. Communism at its best.] Mark
participants (1)
-
Asymmetric