Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.007 X-Spam-Evidence: '*H*': 0.99; '*S*': 0.00; '16,': 0.03; 'subject:Python': 0.05; 'transform': 0.05; 'prefix': 0.07; 'bytes,': 0.09; 'cipher': 0.09; 'happen.': 0.09; 'substitution': 0.09; 'cc:addr:python-list': 0.10; '255': 0.16; 'cleartext': 0.16; 'duplicates': 0.16; 'encryption': 0.16; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'nope,': 0.16; 'tables,': 0.16; 'utterly': 0.16; 'wrote:': 0.16; 'translation': 0.16; "wouldn't": 0.16; 'byte': 0.18; 'bytes': 0.18; 'duplicate': 0.18; 'machine': 0.21; 'cc:2**0': 0.21; 'cc:addr:python.org': 0.21; '(the': 0.22; 'do.': 0.22; 'fairly': 0.22; 'keys': 0.22; 'am,': 0.23; '2015': 0.23; 'tables': 0.23; 'header:In-Reply-To:1': 0.24; 'recognized': 0.24; 'required.': 0.26; 'separate': 0.27; '[2]': 0.27; 'data,': 0.27; 'message-id:@mail.gmail.com': 0.28; "doesn't": 0.28; 'closer': 0.29; 'figured': 0.29; 'lot.': 0.29; 'that.': 0.30; 'values': 0.30; 'work.': 0.30; 'becomes': 0.31; 'fri,': 0.31; 'seconds': 0.31; 'table': 0.32; '[1]': 0.32; 'computing': 0.32; 'file': 0.34; 'received:google.com': 0.34; 'could': 0.35; 'attempt': 0.35; 'but': 0.36; 'there': 0.36; 'possible': 0.36; "let's": 0.36; 'two': 0.37; 'subject:: ': 0.37; 'instead': 0.38; 'say': 0.38; 'files': 0.38; 'means': 0.39; 'data': 0.40; 'even': 0.61; 'maximum': 0.61; 'simple': 0.61; 'times': 0.61; 'more': 0.62; 'secure.': 0.66; 'subject:Data': 0.66; 'cut': 0.67; 'laptop': 0.67; 'computers': 0.70; '26,': 0.72; 'sounds': 0.72; 'million': 0.73; 'attacking': 0.84; 'chrisa': 0.84; 'divide': 0.84; 'ridiculously': 0.84; 'start.': 0.84; 'to:none': 0.90; 'maybe,': 0.91; 'average': 0.93; 'secrets': 0.93 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=SreDtKOceBkgZmshjvXzC/WUn+h7nEWq0+URo7WBC+c=; b=bIdbZO7dJCRdWtfsJP6zCTVksDI2cXXj9U2q786W8rKWyRIe3QJzGQxLdHaAu+Ls1Z ZKvh6402pspB5t1ebon4gW4E+MmcnA8VkSSWKUqq/BjFI5YH7KVwrrjEot+UNvL+dS72 thEyInQ2Ag4BbhnMGDbD8dWH+U7p2smJOOfF/doCpNuQVG4a11T72J6EzII07SiuNatc l77rpfGoNptgCq/JUiPGzsiVjcpl+8fU/ah1HpFPCu9HOGXYsYj3O7LJh0I+yVfxcU/f Q8H+IULRUP+RX9hduWU4mFN9SFXYkKjFiSsjwv97agsBOqYirypSTPjQ0sXotC3aw+HL flpQ== MIME-Version: 1.0 X-Received: by 10.107.131.25 with SMTP id f25mr38129572iod.53.1435278795841; Thu, 25 Jun 2015 17:33:15 -0700 (PDT) In-Reply-To: References: <558b7e85$0$1648$c3e8da3$5496439d@news.astraweb.com> <558bc912$0$2899$c3e8da3$76491128@news.astraweb.com> <558c1a7e$0$1668$c3e8da3$5496439d@news.astraweb.com> Date: Fri, 26 Jun 2015 10:33:15 +1000 Subject: Re: Pure Python Data Mangling or Encrypting From: Chris Angelico Cc: "python-list@python.org" Content-Type: text/plain; charset=UTF-8 X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.20+ Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 38 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1435278799 news.xs4all.nl 2847 [2001:888:2000:d::a6]:51412 X-Complaints-To: abuse@xs4all.nl Path: csiph.com!usenet.pasdenom.info!news.stben.net!border1.nntp.ams1.giganews.com!nntp.giganews.com!newsfeed.xs4all.nl!newsfeed8.news.xs4all.nl!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Xref: csiph.com comp.lang.python:93169 On Fri, Jun 26, 2015 at 1:26 AM, Jon Ribbens wrote: >> There are only 256 possible values for n, one of which doesn't transform the >> data at all (ROT-0). If you're thinking of attacking this by pencil and >> paper, 255 transformations sounds like a lot. For a computer, that's barely >> harder than a single transformation. > > Well, it means you need to send 256 times as much data, which is a > start. If you're instead using a 256-byte translation table then > an attack becomes utterly impractical. > Utterly impractical? Maybe, if you attempt a pure brute-force approach - there are 256! possible translation tables, which is roughly e500 attempts [1], and at roughly four a microsecond [2] that'd still take a ridiculously long time. But there are two gigantic optimizations you could do. Firstly, there are frequency-based attacks, and byte value duplicates will tell you a lot - classic cryptographic work. And secondly, you can simply take the first few bytes of a file - let's say 16, although a lot of files can be recognized in less than that. Even if there are no duplicate bytes, that'd be a maximum of 16! translation tables that truly matter, or just 2e13. At the same speed, that makes about a million seconds of computing time required. Divide that across a bunch of separate computers (the job is embarrassingly parallel after all), and you could get that result pretty easily. Cut the prefix to just 8 bytes and you have a mere 40K encryption keys to try - so quick that you wouldn't even see it happen. Nope, a simple substitution cipher is still not secure. Even the famous Enigma machine was a lot more than just letter-for-letter substitution - a double letter in the cleartext wouldn't be represented by a double letter in the result - and once the machine's secrets were figured out, the day's key could be reassembled fairly readily. ChrisA [1] It's actually closer to 8.6e506, if you care. [2] timeit result from my laptop - you could do better, but that's a reasonable average