from Hacker News

Ask HN: How to Ensure Correct Encryption?

by lukaszwojtow on 9/23/22, 4:57 PM with 1 comments

Hi, I'm writing my own encryption/decryption tool as an exercise. I'm using separate, audited RSA library for actual encryption but everything else is on me. On my machine I have some ordinary RAM (not ECC) and a file system without error correction. So I'm trying to think what can go wrong: 1. A key gets corrupted in memory (through cosmic ray or memory error). 2. A key can be read from the disk with error. 3. File can be saved with an error.

My ideas to solve it: Ad 1. Have two keys in memory and compare them before encrypting each file. Ad 2. Some sort of checksum (I assume that public key has no such thing). Ad 3. The only thing I can think of: after encryption compare with "valid" (probably encrypt again and compare).

Can you think of anything else?

  • by LinuxBender on 9/23/22, 5:14 PM

    I believe you will find most folks here will be against the concept of writing ones own encryption even if as a personal exercise. That said I am not a cryptologyst and can only suggest lurking on Cryptography and Security Stackexchange [1][2] for some time and then posting a detailed question/discussion on this topic. There may be other groups indirectly related to cryptography. [3] I personally think it is great you are taking on such a challenge and hope that you share here what you learned.

    [1] - https://crypto.stackexchange.com/

    [2] - https://security.stackexchange.com/

    [3] - https://stackexchange.com/sites#