Encryption with Python?

[Paul Rubin]

"Anthra Norell" <anthra.norell at tiscalinet.ch> writes:
> The non-randomness of the difference is evidence of having guessed the key,
> right? Why then do I need two samples? If I hack away at a single sample I
> get a probably more conspicuous non-randomness twice as fast.

No.  Let's say you encrypt two ascii strings with the same key.  The
high bit of each byte in the plaintext is zero.  Therefore if you xor
the two ciphertexts together, the high bit of each byte of the result
xor'd ciphertexts will be zero.  So just check for that and you've
immediately spotted the non-randomness.

> I don't doubt that, given a series (long enough), the postion can be
> derived. I doubt, though, that a series is knowable, if another, unknown,
> series has been added to it.

You have to assume that the attacker has access to known
plaintext-ciphertext pairs.  For example, you might not tell someone
the password you use now, but what about some old password that you
don't use any more?  If the attacker knows your old password (maybe
because your sysop set it to some default value and had you change it
on your first login), and has the encrypted version, there's a known
plaintext.

> I thought the problem was concealing passwords from ones kids or
> collaborators.

Encryption is supposed to conceal data from knowledgable attackers
willing to burn significant resources to get at the data.  That might
or might not describe your friends and collaborators.

> I believe that a randomly distributed series utterly obliterates any
> non-randomness or regularity of a second series, if the two are added. 

This is a meaningless statement since you don't give any definition of
"randomly distributed series".

> I don't know how to produce a formal proof. It is just a hunch. It's
> actually more than a hunch. It is a conviction. Not a certainty; a
> conviction. I'd be delighted to be proved wrong (or right).  

If the keystream really can't be distinguished from random, then correct,
though there's still issues with key management (you mustn't use the same
key twice) and authentication.

Generating keystreams that are indistinguishable from random is an
extremely tricky subject, there are books and papers written about it, etc.

> The fact may be significant that we module overflow back into the
> range.  So, if the distribution of my code is indeed random, 

Your code used the Python built-in PRNG algorithm which is designed to
make output with similar statistical properties as actual random numbers,
for the purpose of running stuff like simulations.  It makes no attempt
at all to be secure against attackers trying to figure out whether the
output is really random.