On 13/09/2012 10:26, Michael Conrad wrote:
On 9/12/2012 10:42 PM, [email protected] wrote:
My rationale behind writing this simple utility is as follows: Moving
data
through a fully encrypted tunnel like SSH is too slow for me, so I use
netcat/socat for moving large chunks of data between systems. I don't
want the
data to be easily identified and reproduced if it is somehow
intercepted, though
it's also not a major problem if someone goes through the trouble of
decrypting
it; thus, simple XOR encryption is good enough for my purposes and is
also
extremely fast. I'm sure someone else will find it useful, and given its
minuscule size, it is of negligible cost to include.
I apologize for further sidetracking the conversation, but if I were
going to write a quick-n-dirty encryption tool I would pick a 32-bit
int and then XOR with a pseudo-random sequence generated from it. That
would at least give the attacker a mental challenge (unless they knew
the first 4 bytes of the data...) Maybe also add a salt parameter?
while (more_data) {
data[i]= data[i] ^ key ^ salt;
key= key * a + c;
}
(http://en.wikipedia.org/wiki/Linear_congruential_generator)
Integer multiplication is pretty cheap on most hardware.
-Mike
I believe this is called an "affine cipher" and is easily broken?
If the only goal is to get past sniffers looking for data which matches
some regexp, then I should think that piping through an LZO compressor
was usually effective and likely to speedup the transfer except in the
case of very fast networks and slow processors?
One of the fastest "proper" encryption algorithms that I'm aware of that
also is well into the "still believed secure" category would be salsa20
(I'm no cryptanalysist, but it looks good to my eye). You can get fast
implementations here:
http://nacl.cr.yp.to/index.html
You can get an implementation of something interesting using
salsa20/poly1305/curve25519 through "curvetun"
I'm not sure I see the benefit of xorpipe being a utility vs a simple
standalone binary (especially given how simple such a standalone binary
would be?
Good luck!
Ed W
_______________________________________________
busybox mailing list
[email protected]
http://lists.busybox.net/mailman/listinfo/busybox
