Last year I ran across this 2009 post by Bruce Schneier entitled “Another New AES Attack“. It got me thinking about and dissecting the Rijndael algorithm which most of you know as AES (Advanced Encryption Standard). This research surprised me, I found that AES has only three variants. These variants are best known by their key [...]


Put simply: “YOU DON’T” so quit trying. Just today: Why people insist on attempting this is beyond me. I’ve grown to really like Regex, I’ve even built a light-weight xml parser on regular expressions but you can not parse email addresses with a regex. Just look at some of these crazy attempts in [...]


Cont’d from Building a database in C# – Part 2 Caching and persistence seem to go hand-in-hand for this adventure. With the cost of serialization and IO it’s just not possible to get anything to perform well without a little caching. The questions I had around caching is really more along the lines of “how” [...]


No idea how I found myself on this blog; however, it was an interesting read: Why Is 100% Test Coverage Easier To Achieve? Although the translation is a little difficult to read he does an excellent job of pointing out the obvious benefits to 100% functional coverage. Let’s recap his main points… 1. First he [...]

Building a database in C# - Part 2

Cont’d from Building a database in C# – Part 1 So with the B+ tree semantics out of the way it was time to start looking at what was missing. Obviously it was all in memory and not yet on disk, and once it is on disk I’ll certainly need to cache. Yet there was [...]


Ok, so for the last week or two I’ve been off on an adventure of sorts with persistent media data structures. At first I was like “Surely a good solution exists?” this isn’t a new problem. Unfortunately I was unable to locate any solutions that were open source (non-GPL) and written entirely in managed code. [...]


It appears the issue I was discussing about storing passwords is finally getting a little more light. This article was posted on /. today and sums up the problem very clearly: Are you sure SHA-1+salt is enough for passwords? This is exactly what I was talking about in “Another example of how to store a [...]


I ran across this post titled “Salted Password Hashing” over on I’m amazed at all the little problems here, so before we continue with how to do this, let’s look at what you should not do: First, Hashed passwords, even when using salt, are possible to crack with a dictionary attack. Computers are fast [...]


So as I mentioned in the previous post, all this work to build lockless queues is really a waste of time. Why, well to answer that question we need something to compare it against. Thus the class below derives from Queue and provides the locking necessary to make the queue thread-safe (well, not thread safe, [...]


Again building upon the code from the previous post, this iteration provides some a little more usability. By way of providing a timeout you can TryDequeue and it will do the polling loop for you. If your wondering why I chose to use a polling loop rather than an event signal, I’ll clarify that in [...]