SHA-based encryption function in Python

[Paul Rubin]

bryanjugglercryptographer at yahoo.com (Bryan Olson) writes:
> > And it actually might be faster to use two separate hash-based auth
> > keys than deal with the fancy HMAC padding, if a simple double hash
> > has some vulnerabilities.
> 
> HMAC's is only a small additive constant slower than the hash function.  
> For messages more than a few blocks long, it's not significant.  The
> extra padding and additional hash function calls only deal with two blocks.
> 
> Below is single-call HMAC in Python.

The additive constant is pretty painful for short strings.  In
applications I've worked on, short strings (like account numbers in a
database, or session ID's written into browser cookies) get encrypted
a lot and it's worthwhile to be able to handle them fast.

The SHA encryption function is already pretty slow for short strings
(implementing string-xor by 32-bit operations with the array module
helps for long strings).  HMAC pads the key out to the block length of
the underlying hash function, which also means the compression
function is called an extra time on each of the two hashes.  That may
not matter much when called from Python though.  And I think I can
speed up the HMAC string-xor's either with the array module or with
the string.translate function.

I'm looking for other ways to speed up the encryption function for
short strings but need to make more measurements.

Meanwhile, the whole function has mysteriously slowed down by about
15% even for long strings, even when I back out to old versions from
my RCS depot.  It's like my computer has suddenly gotten slightly
slower.  I'll reboot later and see if that changes anything, but it
makes me wonder if my older benchmarks are any good either.