obviscating python code for distribution

Hans Georg Schaathun hg at schaathun.net
Thu May 19 01:21:08 EDT 2011 

On Wed, 18 May 2011 14:34:46 -0700, geremy condra
  <debatem1 at gmail.com> wrote:
:  Systems can be designed that are absolutely secure under reasonable
:  assumptions. The fact that it has assumptions does not make your
:  statement true.
: (...)
:  I can't tell if you're trying to play word games with the distinction
:  between "system" and "module" or if you're just saying that you aren't
:  sure what FIPS actually certifies. Could you please clarify?

The distinction between system and module is rather significant.
If you only consider modules, you have bounded your problem and
drastically limited the complexity.

:  Again, I'm unsure what you're going for here. It sounds like you're
:  saying that obfuscation doesn't provide meaningful security, which is
:  my point.

Meaningful is a relative term, and it is hard to rule out the 
possibility that meaning can be found in some case.  Overall, we
agree though.

:  Are you talking about the Mayfair classical cipher here?

I am talking about the system used in public transport cards like
Oyster and Octopus.  I am not sure how classical it is, or whether
mayfair/mayfare referred to the system or just a cipher.  Any way,
it was broken, and it took years.

:  The entire field of formal modeling and verification has grown around
:  solving this problem. My new favorite in the field is "formal models
:  and techniques for analyzing security protocols", but there are other
:  works discussing OS kernel verification (which has gotten a lot of
:  attention lately) and tons of academic literature. Google (scholar) is
:  the place to go.

Sure, but now you are considering modules, rather than systems again.
It is when these reliable components are put together to form systems
that people fail (empirically).

:  If you can't say with confidence that something meets minimum security
:  standards, the answer is not to try to say it meets high security
:  standards.

So what?  The levels of assurance have nothing to do with standards.
The levels of assurance refer to the /confidence/ you can have that
the standards are met.

: > Or maybe it is right to say that the theory and skills do exist, but the
: > money to gather it all in one project to demonstrate the security of
: > a single system does not :-)
: 
:  Sorry, but again this is not correct.

You keep saying that, but whenever you try to back the claim, you 
keep referring to limited components and not systems at all.

-- 
:-- Hans Georg

More information about the Python-list mailing list