[REBOL] Re: Secure file upload tool design?
From: jasonic:cunliffe:verizon at: 18-Dec-2001 19:01
> You could always implement encryption yourself and
> send the files between REBOL client program to
> REBOL server using a custom protocol. There are any
> number of free sources describing cryptographic
> algorithms on the web; the main problem with
> implementing them in REBOL may be performance,
> since REBOL isn't entirely a speed demon for
> math, as I understand it.
Thanks. Yes I tend to believe the easiest adn often most effective security
is simply small customized tools designed to play together on both client
and server. For that one can use almost anything, images, flash, rebol .. 6
different sister emails designed to be re-assembled etc.
Am I right in understanding that the cryptographic needs are only for
generating codes? They do not need to run all the time? If so, REBOL's math
crunching speed is not really an obstacle.
Today I upgraded my version of F-Secures SSH-Telnet Client. They ahave a
really cool installation tool. It opens a window and then tells you to move
the mouse around. As you do so, a fuel guauge graphic fills pregresses. The
softwar uses the manually genrated, random, hard-to-reproduce mouse xy
coordinates as seed data for the SSH code. This takes only about 7 seconds
to complete. Seems like a very neat way to create secure pascodes on the
fly. I hope to try a native REBOL version.
Other approaches I have been wondering about: using small photos with
embedded data in them. The advantage there is an ancient humanly readable
verification combined with encrypted invisble data. A hybrid woudl be to
generate small artworks using the mouse tracking.. in effect genreate art to
craeet imagery which also embdeds encrypted data within. These could then be
used as iconographic security tokens.
./Jason