I’ve been doing the “math thing” for many years. That is, computer science and math are like two great tastes. If you don’t know math, you won’t be able to program. If you don’t know how to program it’s probably because you don’t know the math that’s fundamental to writing effective programs.
That said, and in spite of all this math, my understanding of encryption I’m learning is way under what it should be. Technically encryption is a math problem: “I have this word that I want to obscure/encrypt. Shift this and that character against this and that other character and/or number and it’ll do what I want”. But there’s way more to it than that. There are standards for encryption and roadmaps called RFC (request for comment) that allow a programmer to implement based on spec (the RFC). A well-written RFC will offer enough details for the programmer to implement their program easily, hopefully, and in their language of choice. Not this time, unfortunately.
I’ve been reading RFC 4757 and 2104 and I’ll be damned if I can fit all of these pieces together. It seems like each part of my code is working separately, but I’ve been running packet capture tools to see how my program interacts with the server versus how a known-working-program interacts with the server and what my program is sending is just dead wrong. I’m certain my implementation is incorrect in some way and I’d really like to implement this one encryption type that’s native to the Microsoft platform but it’s just not working out. I fear that if I omit this encryption type people will not buy the software. I must’ve swallowed a brick. You can infer how that’s going to work out.
I should note on the plus side that I’ve actually tested and “certified” the software under Windows 2008, so that’s a major win. As you recall, the baseline for OS support is Windows 2003, but Windows 2008 support was crucial to the lifespan of the product, or heck, even early adoption by customers. The only other major sticking point for the software to be considered done for v1 is the remainder of encryption support. I procrastinated earlier since I figured “I’ll have time later” but that was obviously when there were other principals involved with the company.
Now I’m bogged down in this silly encryption issue and I have not had a chance to finish the incorporation, art, or commerce bits of the company. And I’m only slightly started on the v2 product.
Wish me luck.
