|
Posted by www.EdmundKirwan.com on December 15, 2006, 7:38 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hi, folks,
I'm given to understand that, when encrypting a file, it can be useful
to specify a format for the encrypted file which includes headers and
checksums, etc., as well as the encrypted data itself. This allows the
tool decrypting the file to verify, for example, that the password used
for decryption is the same as that used to encrypt the file.
This also, unfortunately, means that two different tools may not
encrypt/decrypt the same file, encrypted with the same algorithm and
password, the same way.
I've seen two examples for such file formats on the web:
http://fp.gladman.plus.com/cryptography_technology/fileencrypt/
http://64.233.183.104/search?q=cache:hh0hr2y1CNYJ:web.textfiles.com/computers/specs.txt+blowfish+cryptfile+format&hl=en&ct=clnk&cd=2
But I was wondering: is there a standard format? Or even a, "Most
commonly used," format?
Thanks,
.ed
|
|
Posted by Sebastian Gottschalk on December 15, 2006, 7:42 am
If you were Registered and logged in, you could reply and use other advanced thread options
www.EdmundKirwan.com wrote:
> But I was wondering: is there a standard format? Or even a, "Most
> commonly used," format?
OpenPGP. As used by the de facto standard .gpg format from GnuPG.
|
|
Posted by dMn on December 23, 2006, 9:55 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> Hi, folks,
>
> I'm given to understand that, when encrypting a file, it can be useful
> to specify a format for the encrypted file which includes headers and
> checksums, etc., as well as the encrypted data itself. This allows the
> tool decrypting the file to verify, for example, that the password used
> for decryption is the same as that used to encrypt the file.
>
I don't know about standards here. If your making a new app with a new
file format, then you get to use whatever makes sense for you. If your
want others to adopt your product then you should consider using an
existing documented format (ZIP, OpenPGP). For a new implementation, I
personally would look at using an XML file format since that seems to be
the safest direction for application interoperability.
dMn
|
|
Posted by Sebastian Gottschalk on December 24, 2006, 4:02 am
If you were Registered and logged in, you could reply and use other advanced thread options
> I don't know about standards here. If your making a new app with a new
> file format, then you get to use whatever makes sense for you. If your
> want others to adopt your product then you should consider using an
> existing documented format (ZIP, OpenPGP).
The new ZIP format with AES is not compatible to RFC-PKZIP, and only few
applications can understand it.
> For a new implementation, I
> personally would look at using an XML file format since that seems to be
> the safest direction for application interoperability.
Yes, you really don't know much about standards. But it seems like you
believe that technology is a panacea, and that XML would automatically
imply interoperability.
|
|
Posted by dMn on December 28, 2006, 10:25 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Yes, you really don't know much about standards. But it seems like you
> believe that technology is a panacea, and that XML would automatically
> imply interoperability.
Ouch. With that level of inaccuracy on every point, I hope you don't
rely heavily on your ability to make conclusions. But I would be glad
to clarify any point if you have a question, which I presume you don't.
dMn
|
| Similar Threads | Posted | | TLS/SSL certificate format | August 6, 2004, 10:32 am |
| mhtml format | November 6, 2008, 6:00 am |
| format string and buffer overflow | April 10, 2005, 11:25 pm |
| Security Policy - HIPAA Guidelines Template Format 050414 | April 14, 2005, 8:38 am |
| Newbieish question about standard security practices | June 11, 2005, 11:04 pm |
| BS25999-2 Business Continuity Standard Published Today | November 20, 2007, 6:43 am |
| Novice Questions: Non-Standard Service Listening on Port/Firewalls | August 18, 2004, 2:12 pm |
| Single Signon cookie encryption - industry standard/best practice? | August 24, 2004, 9:34 pm |
| BS7799-3 Security Risk Management Standard Released Today | March 16, 2006, 7:44 am |
| Encrypted traffic | November 10, 2005, 7:53 pm |
|
XML site map