i'm writing a crypto program that does stuff like hashing (sha1), encryption, digital signatues for win32 in c++ is built in cryptoapi secure, or should i use some other library like crypto++ i need maximum security and works on all systems xp and vista (and optionally 2000), but at same time i need to minimize exe size and so don't want uneeded extrernal libs
+6
A:
Define "secure". The built in windows crypto api does what it advertises and doesn't have any flaws that don't get corrected, at least of which I'm aware. The "Crypto Next Generation" API might be worth a look.
Usually, in a secured program, the issue is what people do with the API — insufficient key lengths, leaving keys around in plain text, etc — that really make trouble, not the vendor software.
Charlie Martin
2009-05-25 01:31:48
A:
If you need "maximum" security, you really need to hire an expert to help you. You can end up with an insecure program not only via misuse of the crypto API, as Charlie Martin pointed out, but by correctly using the wrong type of crypto, through misusing the results of the correctly used API, or even insecure design in other parts of your program.
This is an extremely frequent problem in the software industry.
Curt Sampson
2009-05-25 02:13:13
+2
A:
"Security is a process, not a product." - Schneier
Cryptographic algorithms like hashing, encryption, and signing are just a part of the process:
- How are you storing your keys? Can they accidentally be leaked onto disk via the page file?
- How do you generate your random numbers? Bad random numbers can really weaken everything. Just ask Debian or Netscape for horror stories.
- Can an IT adminstrator(s) update which algorithms are allowed using group policy?
- Does the solution support external hardened devices?
- Can you do the encryption in kernel mode?
- How do updates get distributed in the case of an attack or weakness?
CAPI and especially CNG on Vista have thought through these issues and in general are decent. You might want to watch this video by two guys on the CAPI team to get a feel for who designed it.
And besides, all of this is moot if folks can get physical access to your machine and put in a key logger.
Alas, it's a process...
Jeff Moser
2009-05-25 02:35:23
A:
CryptoAPI is as solid as it gets, when used correctly.
You will find that there are two kinds of outside libraries for crypto for Windows: those that reimplement everything because they are intended to support multi-platform development, and those that act as a simplifying layer on top of CryptoAPI for specific purposes. If you are in the former crowd, by all means use a reputable platform-neutral library. If you find that you can't be productive in raw CryptoAPI, find a reputable library that will do exactly what you need in less steps. But don't assume that another library is going to cure your security risks because it's somehow "better"; just make sure that whatever you use is reputable.
As many other have pointed out, if you truly need "maximum security" (at whatever level your "maximum" happens to be), you might want to hire an expert. Also, you do need to look at security from a holistic angle; encrypting data is just one aspect.
And finally, it should go without saying, don't even dream of writing your own cryptographic library, not even to implementing existing algorithms. You will fail, miserably.
Euro Micelli
2009-05-25 05:00:29
A:
For security choose a library that has fips 140-2 accreditation. After that it's all down to you using it securely.
Patrick
2009-06-11 22:10:14
+1
A:
Crypto API is deprecated, still works in Vista, but you should go with CNG (Crypto APi Next Generation). I'm not sure if Crypto API is still avalible in Windows 7.
Vexatus
2009-06-24 08:56:26