The first rule of encryption is that the password need to be secret, not the algorithm. (not mine, but I cannot readily find the source, sorry :-( )
A truly good encryption algorithm is safe even if I give you the source code for it but not the password I used to encrypt the data.
Exactly. And all the core internet encryption and signing algorithms are fully open source. Eg RSA, AES, DIffie Helman. And these are the algorithms the US (and most other western) governments require when sending data to or from or within there servers.
That’s assuming the algorithm is sound. If the algorithm has a flaw then it’s only a matter of time until you can easily crack anything using it.
Thats why he said "a truly good algorithm" I guess
The first rule of encryption is that the password need to be secret, not the algorithm. (not mine, but I cannot readily find the source, sorry :-( )
A truly good encryption algorithm is safe even if I give you the source code for it but not the password I used to encrypt the data.
Exactly. And all the core internet encryption and signing algorithms are fully open source. Eg RSA, AES, DIffie Helman. And these are the algorithms the US (and most other western) governments require when sending data to or from or within there servers.
That’s assuming the algorithm is sound. If the algorithm has a flaw then it’s only a matter of time until you can easily crack anything using it.
Thats why he said "a truly good algorithm" I guess
True, but that is not a good algorithm.