Path: csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <rosuav@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.078
X-Spam-Evidence: '*H*': 0.84; '*S*': 0.00; 'subject:Python': 0.05; 'lost.': 0.09; 'cc:addr:python-list': 0.10; 'obviously': 0.15; 'wed,': 0.15; "(i'm": 0.16; '4:59': 0.16; 'ciphers': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'key?': 0.16; 'wrote:': 0.16; 'cc:2**0': 0.21; 'cc:addr:python.org': 0.21; 'discovery': 0.22; 'am,': 0.23; '2015': 0.23; 'header:In-Reply-To:1': 0.24; 'message- id:@mail.gmail.com': 0.28; 'appear': 0.29; 'accomplished': 0.29; 'for,': 0.29; 'key,': 0.29; "who's": 0.32; 'getting': 0.33; "d'aprano": 0.33; 'steven': 0.33; 'received:google.com': 0.34; 'that,': 0.34; 'could': 0.35; 'false': 0.35; 'something': 0.35; 'but': 0.36; 'there': 0.36; 'possible': 0.36; 'subject:: ': 0.37; 'instead': 0.38; 'ones': 0.38; 'someone': 0.38; 'means': 0.39; 'sure': 0.40; 'where': 0.40; 'your': 0.60; 'even': 0.61; 'today,': 0.62; 'more': 0.62; 'encrypted': 0.66; 'subject:Data': 0.66; 'jul': 0.72; 'military': 0.72; 'chrisa': 0.84; 'compromised': 0.84; 'horrible': 0.84; 'resistant': 0.84; 'to:none': 0.90; 'secrets': 0.93
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=49YuXS3NvGqvF9o6EIELDAQ728l6a46WvzraTxTIGEM=; b=BGALrJpQtsbsvMZ5sZSEovKiwBnJByK7PCyE51Y3770cRRnhkfHAlz6uZFvHtNTkeM ptEeoZpTQKu10RF5eN0Nsi5Q2h4WLYxKXqXXzOb4vnKlS+o+FqOQx/QZAYFR5A5D+FV1 eTPGP9YaZzx+U4xgoOrBmxMyzOkfaMhgJvYQFj3vtTQVI5S6JfePgZFe7A/WQymET8eI K7AxDc6xDp1cyYyiicmzw7ccjoOvbm5Iui8w/9hJzOL/pXR5l9RkwtqW6BC0M2it9U70 RX7kkXEQa+gkHSvxcyeEEp18yy+MCPHIXghgzUeTWf62LF6gHT/IY7TFC/9vls78Hp+S AICQ==
MIME-Version: 1.0
X-Received: by 10.107.131.75 with SMTP id f72mr22050110iod.53.1435692051007; Tue, 30 Jun 2015 12:20:51 -0700 (PDT)
In-Reply-To: <5592e71e$0$1674$c3e8da3$5496439d@news.astraweb.com>
References: <mmcagn$aa5$1@ger.gmane.org> <q67loadve6lsrh672u47omr04tvqttt6jd@4ax.com> <mailman.29.1435170987.3674.python-list@python.org> <558b7e85$0$1648$c3e8da3$5496439d@news.astraweb.com> <mailman.42.1435206516.3674.python-list@python.org> <558bc912$0$2899$c3e8da3$76491128@news.astraweb.com> <slrnmonkip.1nu.jon+usenet@frosty.unequivocal.co.uk> <558c1a7e$0$1668$c3e8da3$5496439d@news.astraweb.com> <slrnmoo7ev.1nu.jon+usenet@frosty.unequivocal.co.uk> <CAPTjJmqOzLTv9cFFKjV-BLtaFZhEZ4B870ALqNMmanCEN-VqXA@mail.gmail.com> <mailman.89.1435280528.3674.python-list@python.org> <558d86b0$0$1659$c3e8da3$5496439d@news.astraweb.com> <mmkbij$dpm$1@ger.gmane.org> <CAPTjJmon4abegr01-+mo5aLML+gA3wnR_+_kTTU7gGuCn=xrDA@mail.gmail.com> <mailman.141.1435424948.3674.python-list@python.org> <558ef059$0$1673$c3e8da3$5496439d@news.astraweb.com> <mailman.171.1435611181.3674.python-list@python.org> <5592065e$0$1675$c3e8da3$5496439d@news.astraweb.com> <mailman.198.1435685990.3674.python-list@python.org> <5592e71e$0$1674$c3e8da3$5496439d@news.astraweb.com>
Date: Wed, 1 Jul 2015 05:20:50 +1000
Subject: Re: Pure Python Data Mangling or Encrypting
From: Chris Angelico <rosuav@gmail.com>
Cc: "python-list@python.org" <python-list@python.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.20+
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.201.1435692054.3674.python-list@python.org>
Lines: 22
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1435692054 news.xs4all.nl 2950 [2001:888:2000:d::a6]:59160
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:93349

On Wed, Jul 1, 2015 at 4:59 AM, Steven D'Aprano <steve@pearwood.info> wrote:
> Today, if the key is compromised, all is lost. Is it possible that there are
> ciphers that are resistant to discovery of the key? Obviously if you know
> the key you can read encrypted messages, that's what the key is for, but
> there are scenarios where you would want security to degrade gracefully
> instead of in a brittle all-or-nothing manner:
>
> - even if the attacker can read my messages, he cannot tamper with
>   them or write new ones as me.
>
> (I'm pretty sure that, for example, the military would consider it horrible
> if the enemy could listen in on their communications, but *even worse* if
> the enemy could send false orders that appear to be legitimate.)

That would be accomplished by a two-fold enveloping of signing and
encrypting. If I sign something using my private key, then encrypt it
using your public key, someone who's compromised your private key
could snoop and read the message, but couldn't forge a message from
me. Of course, that just means there are lots more secrets to worry
about getting compromised.

ChrisA