delphij's Chaos


26 Apr 2004

Is it practical to trust my mail system?

Yesterday someone has asked me about my diary system, I told her that my diary is managed by my own diary software, which is a close-source system (written in C#) and I do not want to share it with others because it is technically not a friendly one.

A password is required to access my diary. As you can imagine, it is a 64-byte (Yes, its byte, not bit) long one and is randomize generated. I used blowfish algorithm so you can read or write my diary with a same key.

However we all know that security is limited to the shortest band of the cask. Recently as I am at the lab more and more often, I usually transfer my diary pages through e-mail to home. The password I used there is much shorter (while still strong enough to beat script kids, though).

I am very sure that my mail system followed all security design principals and I really don’t fear of someone can break in. However, is it securs enough?

Maybe nobody can give me an answer :-)