Out of curiosity, what is "the best cryptography algorithm" for you as a programmer, given both security and ease of implementation?
RSA is slow (as are all asymmetric keys) and also fairly weak for a given key length, though it is the most widely known asymmetric method. Elliptic curve is much stronger at any given key length, and there by quicker for a given level of security.
Hamish Downer
2008-10-07 16:39:29
+1
A:
The best for simple cyptography is an XOR against a key. It's quick, simple to implement and uses the same process for both encrypting and decrypting.
Edit: Before my rep gets savaged over this quick response, I should clarify that it's not highly secure. But, it provides good, garden-variety encryption for situations that don't require high security.
Kluge
2008-10-07 16:11:50
Internet, this is sarcasm. Sarcasm, this is the place where you can be a real idea, and a god for the misguided.
Tom Ritter
2008-10-07 16:16:00
@KLUGE: Actually this can be very safe if you use something like your favourite CD or DVD as a key. The key is then massive. All you need at the other end is a copy of the same CD or DVD. < Perhaps you could add this suggest and get some rep back.
_ande_turner_
2008-10-07 16:23:49
@Ande - what you're describing is a One Time Pad, and it's provably completely secure IF the pad is as long as the data encrypted and it's randomly generated. Using something like a CD or DVD where the data is non-random reduces security to the point where you're relying on luck instead of math.
Tom Ritter
2008-10-07 16:30:46
@AviewAnew: OTP, indeed it is. An Audio Recording in Digital format is never going to be replicated through Math. The non-random nature of it's creation doesn't detract from the fact that it will be completely unpredictable.
_ande_turner_
2008-10-07 16:49:24
@KLUGE: The "very safe" proviso is there only in the case that if someone intercepts you communication of the key then you are completely compromised.
_ande_turner_
2008-10-07 17:00:16
Ande: At the resolution you're going to be using, a music waveform is highly predictable - each value is going to be extremely close to the next. 44,100 samples per second gives you an amazingly smooth line, even for high and/or mixed frequencies. Quite a testament to our ears, actually :)
jTresidder
2008-12-01 23:45:27
+3
A:
Rijndael / AES (for its security, standardization and pervasiveness)
What does "ease of implementation" mean? You don't think about implementing a crypto algorithm yourself, do you?!
Tomalak
2008-10-07 16:11:53
+2
A:
Symmetric or Asymmetric?
And implementing an algorithm yourself is a poor choice - use a scrutinized, vetted library.
Tom Ritter
2008-10-07 16:12:01
A:
RSA is good, but slow in key generation. For a simpler, but just as good (in my opinion) encryption scheme I use AES.
The Wicked Flea
2008-10-07 16:12:12
+10
A:
What are you doing with it? there is no "best" encryption algorithm: they all have benefits and detriments.
AES is fast, and symmetric. Blowfish is pretty fast, and also symmetric.
You should read resources like Applied Cryptography for more information.
warren
2008-10-07 16:13:34
+3
A:
The best cryptography algorithm is the one that's strong enough to meet the requirements, and no stronger.
This changes on a per-project basis, so there's no single answer.
Adam Davis
2008-10-07 16:15:33
A:
like everyone else said, Best is a sliding metric.
If your trying to learn to code one, start with the easy classics, and learn your way up.
J.J.
2008-10-07 16:19:43
+2
A:
My personal favorite is still Blowfish. I like how it works, I have used it a lot in applications, it's easy to use in the libCrypto library from OpenSSL and people consider it to be very secure. Further it can have keys up to 448 bits long. Twofish is basically a variation of Blowfish, created for the AES contest (which Rijndael finally won), but I like Blowfish more than Twofish. It's also not much slower than other algorithm, actually it's one of the faster ones.
Mecki
2008-10-07 16:30:47
A:
Those two requirements: security and ease of implementation tend to be at opposite ends of the spectrum. Something like AES is very secure, but not too easy to implement. Rot-13 on the other hand is extremely easy to implement, but slightly less secure :-)
Ferruccio
2008-10-07 16:37:59
Rot-13 is not that bad. You can't get much more security out of a 0 bit key.On the other hand I think AES is not that hard to implement. I did it once just to see if I can do it and it took me less than a day with wikipedia and the specs. And it is resistant to timing attacks.
stribika
2009-08-02 21:30:07
A:
If you're using the .Net framework, the RSA encryption libraries are built in - including the RSA implementation of AES.
Jeff B
2008-10-07 17:26:21