Path: csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.004 X-Spam-Evidence: '*H*': 0.99; '*S*': 0.00; 'python,': 0.02; 'subject:Python': 0.05; 'that?': 0.05; 'used.': 0.05; 'key.': 0.07; '101': 0.09; 'cipher': 0.09; 'substitution': 0.09; 'python': 0.11; 'a",': 0.16; 'considers': 0.16; 'd",': 0.16; 'encryption': 0.16; 'expects': 0.16; 'house?': 0.16; 'nickle': 0.16; 'surprising': 0.16; 'varies': 0.16; 'wooden': 0.16; 'wrote:': 0.16; 'translation': 0.16; "wouldn't": 0.16; 'string': 0.17; 'byte': 0.18; 'linux,': 0.18; 'examples': 0.18; 'runs': 0.18; '>>>': 0.20; 'changes': 0.20; 'proposed': 0.20; 'keys': 0.22; 'text,': 0.22; 'pass': 0.22; 'am,': 0.23; 'code.': 0.23; '2015': 0.23; 'sat,': 0.23; 'import': 0.24; 'header:In-Reply-To:1': 0.24; 'implemented': 0.24; 'second': 0.24; 'skip:m 30': 0.27; 'message- id:@mail.gmail.com': 0.28; "doesn't": 0.28; 'skip:( 20': 0.28; 'initial': 0.29; 'random': 0.29; 'seconds': 0.31; 'system,': 0.32; "d'aprano": 0.33; 'option.': 0.33; 'steven': 0.33; '(for': 0.34; 'server': 0.34; 'received:google.com': 0.34; 'to:addr:python- list': 0.35; 'fail': 0.35; 'remote': 0.35; 'step': 0.36; 'but': 0.36; 'text': 0.36; 'too': 0.36; 'there': 0.36; 'two': 0.37; 'should': 0.37; 'subject:: ': 0.37; 'say': 0.38; 'things': 0.39; 'application': 0.39; 'to:addr:python.org': 0.39; 'resources': 0.39; 'data': 0.40; 'sure': 0.40; 'called': 0.40; 'why': 0.40; 'your': 0.60; 'claim': 0.61; "you'll": 0.61; 'expert': 0.63; 'different': 0.64; 'offer': 0.65; 'differences': 0.66; 'subject:Data': 0.66; 'course.': 0.67; 'investment': 0.67; 'believe': 0.67; 'confusing': 0.84; 'discussion)': 0.84; 'hardly': 0.84; 'longest': 0.84; 'measurable': 0.84; 'timings': 0.84; 'to:name:python': 0.84; 'variation': 0.84; 'audit': 0.93; 'confidence': 0.95 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type:content-transfer-encoding; bh=sDYtYdgdN4N2OsUXf3X0xdi9ihFxTcJbkVzNsySRBw8=; b=nXmxrBWOU9BmsSwsw4DVEZPeJHBy9U48uy11gzMastTJN5gmLVovSz5ZLkW8oytcxi eDMthMD3abnZnOVmzh6l3JDbc+1l5m1cDFpiTRg/ji1FyfWdFv3dbmpA72elIG5lRhwo pVMRoaKFwFbvkVO0y2aARGR0EwxPNq0/kHY6BBC5IcGkCIjadtjTNiLOpZT96r8WQpmJ uhWkVFclnZXVygg6ajiz4tRgyv3cnugfrdCdxzQ9L+7CFFmKIW+EkhdxLNs+6djXH/BD UfbqMYblUfUDg6QO/LzDJwQnpMzc4wOORGOc7hKbVkVhzTmYolmaIdHZw2fD/hbYJMoy xMsg== X-Received: by 10.170.197.205 with SMTP id o196mr9700762yke.93.1435436216524; Sat, 27 Jun 2015 13:16:56 -0700 (PDT) MIME-Version: 1.0 In-Reply-To: <558eded8$0$1642$c3e8da3$5496439d@news.astraweb.com> References: <558b7e85$0$1648$c3e8da3$5496439d@news.astraweb.com> <558bc912$0$2899$c3e8da3$76491128@news.astraweb.com> <558c1a7e$0$1668$c3e8da3$5496439d@news.astraweb.com> <558d86b0$0$1659$c3e8da3$5496439d@news.astraweb.com> <558e1ac6$0$1675$c3e8da3$5496439d@news.astraweb.com> <558e610f$0$1648$c3e8da3$5496439d@news.astraweb.com> <558eded8$0$1642$c3e8da3$5496439d@news.astraweb.com> From: Ian Kelly Date: Sat, 27 Jun 2015 14:16:16 -0600 Subject: Re: Pure Python Data Mangling or Encrypting To: Python Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.20+ Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 95 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1435436224 news.xs4all.nl 2905 [2001:888:2000:d::a6]:37980 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:93261 On Sat, Jun 27, 2015 at 11:35 AM, Steven D'Aprano wro= te: > On Sun, 28 Jun 2015 01:09 am, Ian Kelly wrote: > >> On Sat, Jun 27, 2015 at 2:38 AM, Steven D'Aprano >> wrote: >>> Can you [generic you] believe that attackers can *reliably* attack remo= te >>> systems based on a 20=C2=B5s timing differences? If you say "No", then = you >>> fail Security 101 and should step away from the computer until a securi= ty >>> expert can be called in to review your code. >> >> Of course. I wouldn't bet the house on it, but with the proposed >> substitution cipher system, I don't see why there would be any >> measurable timing differences at all based on the choice of key. > > I wouldn't bet one wooden nickle on it. Not without a security audit of t= he > application. And then what happens when the implementation changes and th= e > audit is no longer valid? I don't disagree about the security audit, although I think you'll find that such things will require a greater investment of resources than a wooden nickel. > Despite his initial claim that he doesn't want to use AES because it's to= o > slow implemented as pure Python, Randall has said that the application wi= ll > offer AES encryption as an option. Once again you're confusing what he said about the server with what he said about the client. Just because he considers it too slow for data mangling on the server doesn't make it too slow for any use. >> The time to obfuscate a single byte is constant, > > Are you sure about that? Bet your house? How about your computer? > > > # Python 3.3 on Linux, YMMV > > py> text =3D 'NOBODY expects the Spanish Inquisition!'*50000 > py> import string > py> s =3D string.digits + string.ascii_letters > py> t =3D (string.ascii_uppercase + string.digits[::-1] + > ... string.ascii_lowercase) > py> trans1 =3D str.maketrans('abcdef', 'fedcba') > py> trans2 =3D str.maketrans(s, t) > py> trans3 =3D str.maketrans('aZ', 'Za') > py> with Stopwatch(): > ... x =3D str.translate(text, trans1) > ... > time taken: 0.427513 seconds > py> with Stopwatch(): > ... x =3D str.translate(text, trans2) > ... > time taken: 0.228869 seconds > py> with Stopwatch(): > ... x =3D str.translate(text, trans3) > ... > time taken: 0.387105 seconds Your examples are using partial keys of different sizes. It's hardly surprising that the timing varies when you pass dicts of varying sizes as the translation tables. py> a =3D list(range(256)) py> b =3D random.sample(a, 256) py> c =3D random.sample(a, 256) py> d =3D random.sample(a, 256) py> min(timeit.repeat("str.translate(text, a)", "from __main__ import text, a", number=3D10, repeat=3D10)) 0.9780099680647254 py> min(timeit.repeat("str.translate(text, b)", "from __main__ import text, b", number=3D10, repeat=3D10)) 0.9837233647704124 py> min(timeit.repeat("str.translate(text, c)", "from __main__ import text, c", number=3D10, repeat=3D10)) 0.9627216667868197 py> min(timeit.repeat("str.translate(text, d)", "from __main__ import text, d", number=3D10, repeat=3D10)) 0.9793561780825257 py> min(timeit.repeat("str.translate(text, c)", "from __main__ import text, c", number=3D10, repeat=3D10)) 0.9840573272667825 I ran it on c a second time to see if the 0.962 timing was systemic or a fluke. The fact that c produced both the shortest and longest timings out of only two runs lends me confidence (for the purpose of this discussion) that the variation seen in these timings is random and not correlated to the keys used.