Return-Path: <python-python-list@m.gmane.org>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.001
X-Spam-Evidence: '*H*': 1.00; '*S*': 0.00; 'subject:Python': 0.05; '(even': 0.05; 'executable': 0.07; 'chunks': 0.09; 'cipher': 0.09; 'machines.': 0.09; 'prevents': 0.09; 'received:80.91': 0.09; 'received:80.91.229': 0.09; 'received:gmane.org': 0.09; 'received:list': 0.09; 'substitution': 0.09; 'stored': 0.10; 'index': 0.13; 'wed,': 0.15; 'file,': 0.15; 'user.': 0.15; '"file': 0.16; '>to': 0.16; 'anyone?': 0.16; 'decent': 0.16; 'encryption': 0.16; 'indexer).': 0.16; 'keys)': 0.16; 'message- id:@4ax.com': 0.16; 'name"': 0.16; 'received:80.91.229.3': 0.16; 'received:plane.gmane.org': 0.16; 'statements,': 0.16; 'worst': 0.16; 'retrieval': 0.18; 'url:home': 0.18; '(not': 0.20; 'suggested': 0.20; 'machine': 0.21; 'controlled': 0.22; 'enforce': 0.22; 'keys': 0.22; '2015': 0.23; 'header:X-Complaints-To:1': 0.26; 'command': 0.28; "doesn't": 0.28; 'towards': 0.29; "i'm": 0.29; 'appear': 0.29; 'record': 0.29; '-0500,': 0.29; 'invoke': 0.29; 'itself,': 0.29; 'signatures': 0.29; 'solution,': 0.29; 'handled': 0.29; 'random': 0.29; 'waste': 0.31; "i'd": 0.31; 'implement': 0.32; 'anyone': 0.32; 'accessible': 0.33; 'running': 0.34; 'file': 0.34; 'server': 0.34; 'to:addr:python-list': 0.35; 'done': 0.35; 'database,': 0.35; 'execution': 0.35; 'machines': 0.35; 'saved': 0.35; 'list': 0.35; 'submitting': 0.35; 'but': 0.36; 'data.': 0.36; 'should': 0.37; 'client': 0.37; 'subject:: ': 0.37; 'charset:us-ascii': 0.37; 'delete': 0.37; 'systems,': 0.38; 'received:org': 0.38; 'someone': 0.38; 'end': 0.39; 'to:addr:python.org': 0.39; 'data': 0.40; 'build': 0.40; 'your': 0.60; 'providing': 0.61; 'hear': 0.62; 'making': 0.64; 'policy.': 0.66; 'subject:Data': 0.66; 'virus': 0.68; 'transfer': 0.73; 'protect': 0.74; 'smith': 0.76; '(better': 0.84; 'dba': 0.84; 'openly': 0.84; 'dennis': 0.91; 'net.': 0.91; 'weaknesses': 0.91; 'why?': 0.91
X-Injected-Via-Gmane: http://gmane.org/
To: python-list@python.org
From: Dennis Lee Bieber <wlfraed@ix.netcom.com>
Subject: Re: Pure Python Data Mangling or Encrypting
Date: Wed, 24 Jun 2015 21:51:00 -0400
Organization: IISS Elusive Unicorn
References: <mmcagn$aa5$1@ger.gmane.org> <q67loadve6lsrh672u47omr04tvqttt6jd@4ax.com> <558AF89E.1070105@tnr.cc>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Gmane-NNTP-Posting-Host: adsl-108-79-222-44.dsl.klmzmi.sbcglobal.net
X-Newsreader: Forte Agent 6.00/32.1186
X-No-Archive: YES
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.20+
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.41.1435197071.3674.python-list@python.org>
Lines: 48
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1435197071 news.xs4all.nl 2822 [2001:888:2000:d::a6]:54909
X-Complaints-To: abuse@xs4all.nl
Path: csiph.com!usenet.pasdenom.info!news.stben.net!border1.nntp.ams1.giganews.com!nntp.giganews.com!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Xref: csiph.com comp.lang.python:93114

On Wed, 24 Jun 2015 13:36:14 -0500, Randall Smith <randall@tnr.cc>
declaimed the following:

>
>Right again.  A legitimate data owner would encrypt the data.  The 
>storage machine is encrypting to protect itself against unwanted 
>exposure to unencrypted malware.  Not that they would go looking at the 
>files, but their virus scanner or file indexer might.
>
	Why? Is this server machine openly accessible -- providing a command
line to anyone? And then making your stored data chunks available to any
user to invoke as programs?

	The worst a virus scanner should do it delete or quarantine a file
because it reads signatures that the file IS malicious. A file indexer may
build up a list of strings from the file, but unless someone can access the
index itself its just a waste of time (better handled by turning off the
indexer).

>Yes.  This is done for "imaged" systems, but I don't have control over 
>the storage machines.
>
	Then I think you have a flawed security policy. Your storage servers
should be the tightest controlled machines on the net.

>I'm leaning towards using a random substitution cipher suggested by 
>Devin Jeanpierre.  If you see any weaknesses in that solution, I'd like 
>to hear them.
>

	And I'm still leaning toward using a decent client/server RDBM (even if
the "client" is running on the server machine to accept transfer requests).
With the proper time spent designing the database, you might be able to
implement stored programs to do encryption as a record is inserted, and
decryption as it is retrieved. The key would be locked to the stored
programs which are only executable from the client submitting SQL
statements, but which can not be read by anyone other than the DBA user.

	This also prevents any inadvertent execution of user data as it doesn't
appear in the file system itself, it is saved as BLOBs in the database. End
user identification and "file name" would be the retrieval keys (not
encryption keys) and required for all SQL (again, stored programs to
enforce such).

-- 
	Wulfraed                 Dennis Lee Bieber         AF6VN
    wlfraed@ix.netcom.com    HTTP://wlfraed.home.netcom.com/