rijndael question
Ryan McBride
mcbride at countersiege.com
Thu Dec 7 14:38:43 PST 2000
On Thu, 7 Dec 2000 mmotyka at lsil.com wrote:
> On the rijndael page I see this note below the optimized code link :
>
> > IMPORTANT NOTE ! This code was written in order to clarify the
> > mathematical description, and to run the statistical test. Without
> > modification, it should not be used to encrypt files,
> or for any other application.
>
> What exactly does this mean? The code is not correct and functional?
Functional code isn't secure. Correct code doesn't exist.*
This probably means that the code does not check for buffer overflows and
other bad programming, or that it has not been audited for security
holes.
-Ryan
* except as a platonic ideal
--
Ryan McBride - mcbride at countersiege.com
Systems Security Consultant
Countersiege Systems Corporation - http://www.countersiege.com
More information about the cypherpunks-legacy
mailing list