Encryption with Python?

Anthra Norell anthra.norell at tiscalinet.ch
Mon May 9 18:12:20 EDT 2005 

Paul,

      I thank you too for your response. Let me just tell you what goes
through my mind.

----- Original Message -----
From: "Paul Rubin" <"http://phr.cx"@NOSPAM.invalid>
Newsgroups: comp.lang.python
To: <python-list at python.org>
Sent: Monday, May 09, 2005 9:45 PM
Subject: Re: Encryption with Python?


> "Anthra Norell" <anthra.norell at tiscalinet.ch> writes:
> > The non-randomness of the difference is evidence of having guessed the
key,
> > right? Why then do I need two samples? If I hack away at a single sample
I
> > get a probably more conspicuous non-randomness twice as fast.
>
> No.  Let's say you encrypt two ascii strings with the same key.  The
> high bit of each byte in the plaintext is zero.  Therefore if you xor
> the two ciphertexts together, the high bit of each byte of the result
> xor'd ciphertexts will be zero.  So just check for that and you've
> immediately spotted the non-randomness.

I don't follow. There is no bitwise correlation between a plain-text
character and its encoded equivalent. What's more, there is no detectable
correlation at all. Take a highly ordered plain text, such as a sting of
identical characters, e.g. 'AAAAAAAAAAAAAAA' and sequentially add a
deterministically generated random series (module 256 to keep them within
range), what you get is, quite obviously, a series of numbers that differs
from the added random series in only one respect: all values are shifted by
ord ('A'). The intervals from one byte to the next remain unchanged,
allowance made for the module 256 wrap-around. The intervals remaining
unchanged, the distribution and hence the randomness of the encryption
remains unchanged. Quite obviously, each one of the identical plain-text
characters very likely will be encrypted differently. Repeats would occur,
but they would occur randomly once every 256 times on an average.

> > I don't doubt that, given a series (long enough), the postion can be
> > derived. I doubt, though, that a series is knowable, if another,
unknown,
> > series has been added to it.
>
> You have to assume that the attacker has access to known
> plaintext-ciphertext pairs.  For example, you might not tell someone
> the password you use now, but what about some old password that you
> don't use any more?  If the attacker knows your old password (maybe
> because your sysop set it to some default value and had you change it
> on your first login), and has the encrypted version, there's a known
> plaintext.

Password management is certainly a problem, but of course is totally
unrelated to the quality of an encryption method.

> > I thought the problem was concealing passwords from ones kids or
> > collaborators.
>
> Encryption is supposed to conceal data from knowledgable attackers
> willing to burn significant resources to get at the data.  That mightof
> or might not describe your friends and collaborators.

I agree. Depending on a situation, a solution might or might not be
adequate.

> > I believe that a randomly distributed series utterly obliterates any
> > non-randomness or regularity of a second series, if the two are added.
>
> This is a meaningless statement since you don't give any definition of
> "randomly distributed series".

No, in fact I don't. I am quite confident that the library module 'random'
produces random distributions. As to the distribution of a non-random series
added to a random series, my intuition tells me that it remains random.

> > I don't know how to produce a formal proof. It is just a hunch. It's
> > actually more than a hunch. It is a conviction. Not a certainty; a
> > conviction. I'd be delighted to be proved wrong (or right).

I don't think it would be difficult for a mathematician to prove or disprove
the hypothesis. I did come up with an informal proof. It is a function I
will add at the bottom of this message. You can copy and run it, if you have
the Image package installed.

>
> If the keystream really can't be distinguished from random, then correct,
> though there's still issues with key management (you mustn't use the same
> key twice) and authentication.

The key is the seed of the random generator.

> Generating keystreams that are indistinguishable from random is an
> extremely tricky subject, there are books and papers written about it,
etc.

I agree. I wouldn't know how to design a random generator. Fortunately I
don't need to. I can use ready made ones.

> > The fact may be significant that we module overflow back into the
> > range.  So, if the distribution of my code is indeed random,

> Your code used the Python built-in PRNG algorithm which is designed to
> make output with similar statistical properties as actual random numbers,
> for the purpose of running stuff like simulations.  It makes no attempt
> at all to be secure against attackers trying to figure out whether the
> output is really random.

Try out the following function. You need the Image package.

Regards

Frederic

###############################################

def informal_proof_of_randomness (text_file_name):    # File must be longer
than 60K

   X = 0
   Y = 1

   import random

   NUMBER_OF_DOTS = 30000

   # Make three lists to collect coordinate pairs
   random_coordinates       = NUMBER_OF_DOTS * [None]
   plain_text_coordinates   = NUMBER_OF_DOTS * [None]
   encoded_text_coordinates = NUMBER_OF_DOTS * [None]

   # Fill one with random numbers
   for i in xrange (NUMBER_OF_DOTS):
      x = random.randint (0,255)
      y = random.randint (0,255)
      random_coordinates [i] = ((x,y))

   # Fill a second one with ascii codes (plain text)
   f = file (text_file_name, 'rb')
   for i in xrange (NUMBER_OF_DOTS):
      # No check if file runs out prematurely. Make sure it's at least 60K
      x = ord (f.read (1))
      y = ord (f.read (1))
      plain_text_coordinates [i] = ((x,y))
   f.close ()

   # Fill a third one with the sum of the two previous ones (proposed cipher
text)
   for i in xrange (NUMBER_OF_DOTS):
      encoded_text_coordinates [i] = \
         (random_coordinates [i][X] + plain_text_coordinates [i][X]) % 256,
\
         (random_coordinates [i][Y] + plain_text_coordinates [i][Y]) % 256


   import Image

   WHITE = 1
   BLACK = 0

   # Make three images to visualize the distribution
   random_image       = Image.new ('1', (256,256), WHITE)
   text_image         = Image.new ('1', (256,256), WHITE)
   encoded_text_image = Image.new ('1', (256,256), WHITE)

   for coordinate in random_coordinates:
      random_image.putpixel (coordinate, BLACK)

   for coordinate in plain_text_coordinates:
      text_image.putpixel (coordinate, BLACK)

   for coordinate in encoded_text_coordinates:
      encoded_text_image.putpixel (coordinate, BLACK)

   # Visualize the distributions
   random_image.show ()         # Looks like rain on a pavement
   text_image.show ()           # Does not at all
   encoded_text_image.show ()   # See for yourself

##############


> http://mail.python.org/mailman/listinfo/python-list

More information about the Python-list mailing list