Loading ...
Sorry, an error occurred while loading the content.
 

pedit & encryption

Expand Messages
  • Paul Nevai
    Hi Guys: The new pedit will be able to encrypt/decrypt memos. It is ready for release. However, I d like a few more people to test it before releasing it. If
    Message 1 of 10 , Dec 27, 2005
      Hi Guys:

      The new pedit will be able to encrypt/decrypt memos. It is ready for
      release. However, I'd like a few more people to test it before releasing it.

      If you are not on the current beta team and are willing to test it, please
      contact me privately at 2me@....

      Best regards, Paul
    • Ian Soboroff
      ... Details on the encryption, please? Any reason to choose pedit encryption (which is closed-source and thus unauditable) over Keyring, which is based on the
      Message 2 of 10 , Dec 27, 2005
        Paul Nevai <nevai@...-state.edu> writes:

        > Hi Guys:
        >
        > The new pedit will be able to encrypt/decrypt memos. It is ready for
        > release. However, I'd like a few more people to test it before releasing it.
        >
        > If you are not on the current beta team and are willing to test it, please
        > contact me privately at 2me@....

        Details on the encryption, please? Any reason to choose pedit
        encryption (which is closed-source and thus unauditable) over Keyring,
        which is based on the openssl code (triple-DES by default)?

        I've used encrypted notepads almost since I started with the
        Palm... it's just a damned handy way to carry around private codes and
        numbers all in one place in a relatively safe way. Keyring has been
        the best by far, thus far.

        Ian
      • Ray Drew
        ... Hi Paul, Sorry, I have been v. busy at work lately - hence not had much spare time. Have played around with this a little and it s working as expected on
        Message 3 of 10 , Dec 27, 2005
          Paul Nevai wrote:
          > Hi Guys:
          >
          > The new pedit will be able to encrypt/decrypt memos. It is ready for
          > release. However, I'd like a few more people to test it before
          > releasing it.
          Hi Paul,

          Sorry, I have been v. busy at work lately - hence not had much spare time.

          Have played around with this a little and it's working as expected on my
          T3. I can't remember if someone raised this earlier (if so, I second it)
          that it might be a nice safety feature to have an option to
          automatically lock memos to $READ_ONLY$ on encryption.

          Having said that, I don't know how much I would use this feature as I
          have been quite happy using Keyring, which I think I'm less likely to
          foul up.

          Wishing you a merry Christmas,

          Ray
        • Paul Nevai
          Hi Ian: # Details on the encryption, please? Any reason to choose pedit # encryption (which is closed-source and thus unauditable) over Keyring, # which is
          Message 4 of 10 , Dec 28, 2005
            Hi Ian:

            # Details on the encryption, please? Any reason to choose pedit
            # encryption (which is closed-source and thus unauditable) over Keyring,
            # which is based on the openssl code (triple-DES by default)?

            No need for me to give details here. The "Help" button will give enough
            details including the fact that it is based on DES and DES3.

            Using pedit's encryption will be purely optional. Only those need to use it
            who like the extra goodies it offers.

            I have very limited need for encryption but when I need it, I will use
            pedit's.

            All=my=best, Paul
          • dmccunney
            ... Hmmmm. Based on . Does this mean that it should be possible to decrypt a pEdit encrypted memo using another program that uses DES/DES3? ... ______
            Message 5 of 10 , Dec 28, 2005
              On 12/28/05, Paul Nevai <nevai@...-state.edu> wrote:

              > Hi Ian:
              >
              > # Details on the encryption, please? Any reason to choose pedit
              > # encryption (which is closed-source and thus unauditable) over Keyring,
              > # which is based on the openssl code (triple-DES by default)?
              >
              > No need for me to give details here. The "Help" button will give enough
              > details including the fact that it is based on DES and DES3.

              Hmmmm. "Based on". Does this mean that it should be possible to
              decrypt a pEdit encrypted memo using another program that uses
              DES/DES3?

              > All=my=best, Paul
              ______
              Dennis
            • Paul Nevai
              # Hmmmm. Based on . Does this mean that it should be possible to decrypt a # pEdit encrypted memo using another program that uses DES/DES3? No you can t.
              Message 6 of 10 , Dec 28, 2005
                # Hmmmm. "Based on". Does this mean that it should be possible to decrypt a
                # pEdit encrypted memo using another program that uses DES/DES3?

                No you can't. First, it uses Palm's implementation and I have no idea what it
                is. It's in the ROM. Second, it includes Palm specific info so that it can't
                be decrypted on non-Palm computers.

                As a consequence, if Palm decides to change its encryption on a future device
                which is unlikely but possible, then you can't decrypt your old memos anymore
                on new machines.

                Is this good news or bad news? You decide. Life is full of such examples.

                /Paul
              • dmccunney
                ... Is based on an RSA algorithm. See http://www.palmos.com/dev/support/docs/palmos/PalmOSReference/CryptoManager.html for details. ... Hmmmm. ... Palmsource
                Message 7 of 10 , Dec 28, 2005
                  On 12/28/05, Paul Nevai <nevai@...-state.edu> wrote:

                  > # Hmmmm. "Based on". Does this mean that it should be possible to decrypt a
                  > # pEdit encrypted memo using another program that uses DES/DES3?
                  >
                  > No you can't. First, it uses Palm's implementation and I have no idea what it
                  > is. It's in the ROM.

                  Is based on an RSA algorithm. See

                  http://www.palmos.com/dev/support/docs/palmos/PalmOSReference/CryptoManager.html

                  for details.

                  > Second, it includes Palm specific info so that it can't
                  > be decrypted on non-Palm computers.

                  Hmmmm.

                  > As a consequence, if Palm decides to change its encryption on a future device
                  > which is unlikely but possible, then you can't decrypt your old memos anymore
                  > on new machines.

                  Palmsource talks about the ability for developers to add other crypto
                  algorithms in future releases. We'll see.

                  > Is this good news or bad news? You decide. Life is full of such examples.

                  Depends on which way Palm jumps.

                  > /Paul
                  ______
                  Dennis
                • Dave Lemire
                  ... If you read what s at the link, it indicates the code is provided by RSA (presumably, RSA Data Security, Inc.), not that it uses the RSA algorithm. The
                  Message 8 of 10 , Dec 28, 2005
                    dmccunney wrote:
                    > Is based on an RSA algorithm. See
                    >
                    > http://www.palmos.com/dev/support/docs/palmos/PalmOSReference/CryptoManager.html
                    >
                    > for details.

                    If you read what's at the link, it indicates the code is provided by RSA
                    (presumably, RSA Data Security, Inc.), not that it uses the RSA
                    algorithm. The RSA algorithm is an asymmetric algorithm (different keys
                    for encryption and decryption), and what's going on in the pedit
                    encryption is clearly symmetric. The RSA algorithm wouldn't make any
                    sense for this application.

                    However, there is a discrepancy here that's interesting, because Paul
                    says he's using DES/3DES, and the info at this link only talks about
                    RC4, which is a different symmetric algorithm.

                    DaveL
                  • Paul Nevai
                    # Is based on an RSA algorithm. See # http://www.palmos.com/dev/support/docs/palmos/PalmOSReference/CryptoManager.html I believe this is for OS 5+ only. The
                    Message 9 of 10 , Dec 28, 2005
                      # Is based on an RSA algorithm. See
                      # http://www.palmos.com/dev/support/docs/palmos/PalmOSReference/CryptoManager.html

                      I believe this is for OS 5+ only. The one I use is in all OSs, or at least in
                      all since OS 3. Google "EncDES palm". All=my=best, Paul
                    • Paul Nevai
                      # However, there is a discrepancy here that s interesting, because Paul # says he s using DES/3DES, and the info at this link only talks about # RC4, which is
                      Message 10 of 10 , Dec 28, 2005
                        # However, there is a discrepancy here that's interesting, because Paul
                        # says he's using DES/3DES, and the info at this link only talks about
                        # RC4, which is a different symmetric algorithm.

                        See my previous e-mail and "EncDES". /Paul
                      Your message has been successfully submitted and would be delivered to recipients shortly.