Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

What About LibTomCrypt?

780 views
Skip to first unread message

Larry Lindstrom

unread,
Sep 21, 2009, 7:16:01 AM9/21/09
to
Hi Folks:

I've been using LibTomCrypt for a coupe of years, and it's been
giving me good service.

But, as has been observed, not much has been happening with it as
of late.

Tonight I read a post in this newsgroup from last year that Tom was
harassed severely and has walked away.

No good deed goes unpunished I guess.

What are others who have been using LibTomCrypt doing? Are you
porting to other libraries? Is there any reason not to keep using
LibTomCrypt?

I like being able to use one library for Windows and Unix
applications, though I haven't used LibTomCrypt on a Solaris project
yet.

I have cobbled together a make file that builds LibTomCrypt for
Visual Studio 2008, if anybody is interested.

Tom, if you see this, thanks for a nice library. I hope you are
doing well. I'm sure this wasn't how you wanted things to end and for
that I'm sorry.

Larry

Joseph Ashwood

unread,
Sep 21, 2009, 8:14:32 AM9/21/09
to
"Larry Lindstrom" <larryl...@hotmail.com> wrote in message
news:51c16ed0-4aa9-4256...@b18g2000vbl.googlegroups.com...

> What are others who have been using LibTomCrypt doing? Are you
> porting to other libraries? Is there any reason not to keep using
> LibTomCrypt?

There are many different options people are pursuing. If LibTomCrypt still
meets your needs, there is no reason not to use it. OpenSSL has also seen a
rise in popularity, Crypto++ has slow updates but is quite usable, that's
about it for free and completely cross-platform usable in C/C++, Java has
several libraries, the other languages have various extensions some of them
even natively included. There are also a wide variety of paid-for options to
meet your desires.

> Tom, if you see this, thanks for a nice library. I hope you are
> doing well.
>

> Larry

Agreed, but don't worry too much about Tom, he has opportunities, and seems
to be happy where he is.
Joe

Blumenthal, Uri

unread,
Sep 21, 2009, 1:04:19 PM9/21/09
to
I second the Crypto++ recommendation. It's nice, reasonably fast - and
includes most all the primitives and building blocks you may need.

I'm writing my code to Crypto++.


On 9/21/09 08:14 , in article b9Ktm.165569$8B7....@newsfe20.iad, "Joseph
Ashwood" <ash...@msn.com> wrote:

--
Regards,
Uri

Bruce Stephens

unread,
Sep 21, 2009, 6:06:03 PM9/21/09
to
"Joseph Ashwood" <ash...@msn.com> writes:

[...]

> There are many different options people are pursuing. If LibTomCrypt
> still meets your needs, there is no reason not to use it. OpenSSL has
> also seen a rise in popularity, Crypto++ has slow updates but is quite
> usable, that's about it for free and completely cross-platform usable
> in C/C++,

There's also Botan.

[...]

Noob

unread,
Sep 22, 2009, 3:43:11 AM9/22/09
to
Joseph Ashwood wrote:

> There are many different options people are pursuing. If LibTomCrypt
> still meets your needs, there is no reason not to use it. OpenSSL has
> also seen a rise in popularity, Crypto++ has slow updates but is quite
> usable, that's about it for free and completely cross-platform usable in
> C/C++

PolarSSL (formerly XySSL) might (??) also deserve a mention.

http://polarssl.org/

Tom St Denis

unread,
Sep 23, 2009, 9:00:50 AM9/23/09
to

The OP was using a crypto library, OpenSSL is at best an SSL library.
It's not really that great to write against for generic crypto
purposes.

Tom

Noob

unread,
Sep 23, 2009, 12:22:08 PM9/23/09
to
Tom St Denis wrote:

> Noob wrote:
>
>> PolarSSL (formerly XySSL) might (??) also deserve a mention.
>>
>> http://polarssl.org/
>
> The OP was using a crypto library, OpenSSL is at best an SSL library.
> It's not really that great to write against for generic crypto
> purposes.

I don't understand your reply.

Did you mean that PolarSSL [is not really that great to write against
for generic crypto purposes] ?

Tom St Denis

unread,
Sep 23, 2009, 12:35:47 PM9/23/09
to

I'd say PolarSSL is even worse than OpenSSL in terms of a generic
crypto library as it implements an even more restricted subset of
primitives. Don't get me wrong, they do what they need to do. But if
I were a cryptographer [hey wait, I am] needing to write an
application that is not SSL or TLS specific [I do that too!!! I'm 2/2
now!] then I would choose OpenSSL over PolarSSL, but more importantly
I'd choose my own crypto toolkit library over either.

If I need to write a TLS application and I don't have my own TLS
library handy, I'd most likely reach for OpenSSL. But that's about
the extent of that.

Tom

Tom St Denis

unread,
Sep 23, 2009, 12:46:48 PM9/23/09
to
On Sep 21, 7:16 am, Larry Lindstrom <larryl_tu...@hotmail.com> wrote:
>    Tom, if you see this, thanks for a nice library.  I hope you are
> doing well.  I'm sure this wasn't how you wanted things to end and for
> that I'm sorry.

I'd rather avoid the drama of the past, let's just say things happened
and I lost interest in donating my time to OSS. I'm glad it worked
for your projects. There are like the others pointed out other
libraries out there. I can't really think of a good C based one
though, both Botan and Crypto++ are C++ based, Bouncycastle is Java,
OpenSSL is C based but not really a generic crypto library, I don't
know what's in GNUtls but it's probably not generic either.

Seems to be a kinda hole left by the absence of LTC in terms of a
[imho] all around generic toolkit for C based applications. I was
hoping that someone who have taken up the LTC projects and maintained
them in my absence, but alas that hasn't happened.

I'd ask in the future that people not ask personal questions over
usenet. If you want to know the personal backstory fly out to Ottawa
and we'll chat over a few pints. And as for LTC questions/threads I'd
really like to see those stop. So long as there isn't a maintainer
I'd like to see the project kinda fade out to obscurity.

Tom

Unruh

unread,
Sep 23, 2009, 6:25:48 PM9/23/09
to
Tom St Denis <t...@iahu.ca> writes:

>On Sep 21, 7:16=A0am, Larry Lindstrom <larryl_tu...@hotmail.com> wrote:
>> =A0 =A0Tom, if you see this, thanks for a nice library. =A0I hope you are
>> doing well. =A0I'm sure this wasn't how you wanted things to end and for
>> that I'm sorry.

>I'd rather avoid the drama of the past, let's just say things happened
>and I lost interest in donating my time to OSS. I'm glad it worked
>for your projects. There are like the others pointed out other
>libraries out there. I can't really think of a good C based one
>though, both Botan and Crypto++ are C++ based, Bouncycastle is Java,
>OpenSSL is C based but not really a generic crypto library, I don't
>know what's in GNUtls but it's probably not generic either.

>Seems to be a kinda hole left by the absence of LTC in terms of a
>[imho] all around generic toolkit for C based applications. I was
>hoping that someone who have taken up the LTC projects and maintained
>them in my absence, but alas that hasn't happened.

>I'd ask in the future that people not ask personal questions over
>usenet. If you want to know the personal backstory fly out to Ottawa
>and we'll chat over a few pints. And as for LTC questions/threads I'd
>really like to see those stop. So long as there isn't a maintainer
>I'd like to see the project kinda fade out to obscurity.

Of course responding like this is not the best idea for obscurity. And
as you say, it is still about the only general purpose crypto library.

Tom St Denis

unread,
Sep 23, 2009, 9:23:19 PM9/23/09
to
On Sep 23, 6:25 pm, Unruh <unruh-s...@physics.ubc.ca> wrote:
> Of course responding like this is not the best idea for obscurity. And
> as you say, it is still about the only general purpose crypto library.

Nobody will know my wishes unless I share them. So the irony is
noted, but the exception I think is valid. :-)

Tom

yawnmoth

unread,
Sep 26, 2009, 1:08:09 PM9/26/09
to

Has the 'BigNum Math' book been abandoned too, out of curiosity? I
didn't even know the library, itself, had been abandoned...

0 new messages