On Thu, Jan 20, 2011 at 1:31 PM, <[email protected]> wrote: > On Thu, Jan 20, 2011 at 12:49:26PM +1100, Noon Silk wrote: >> Sounds to me like the simplist solution is just a one-time pad[1]. It >> won't increase the size, and from the sounds of your environment, you >> can just keep the keys locally, and use them only when you do the >> debugging. But perhaps I'm misunderstanding your question. > > Yeah, I knew people would tend not to answer my question and simply > provide solutions which won't work due to the context. But possibly > someone will give me something I haven't thought of, so let me explain > further.
Hah. I'm not sure how to take that; if you knew people wouldn't get the idea from your original message why wouldn't you clarify it up front? > OTP won't work - simply XORing a printable character with a non-printable > won't guarantee a printable, for example, and symbols have to be printable. Well no, it won't, but it's surely obvious that you could make it such that it was in the printable range? > It'd be much simpler to just map symbols to ordinal values, but that > has the following problem: > > The releases may have different sets of symbols, in different orders. > > Furthermore, the symbols have to map to the same thing on subsequent > releases so crashes can be correlated across releases. This last point is just a function of your decoding process. You're implying that you want to match pre-decryption, not post-decryption. I'd expect you'd want to match post-decryption, otherwise it would be trivial to correlate your "obfuscation" anyway, no? > Finally, it's a burden for data to have to be propogated from the > obfuscation run on one release to the next. They might be done by > different groups who don't normally communicate, for example, or there > could be release of different branches so no strict ordering in place > (apart from temporal, and that's kinda hard to enforce; one person > fails to update the obfuscated symbol mapping, or whatever shared > state is supposed to be passed along, and everything's hosed). Do you actually have a workflow where this needs to be used or is it theoretical? Do you have tools around it? (i.e. make it part of your build process and also symbol server, etc). > -- > Effing the ineffable since 1997. | http://www.subspacefield.org/~travis/ > My emails do not usually have attachments; it's a digital signature > that your mail program doesn't understand. > If you are a spammer, please email [email protected] to get blacklisted. > > _______________________________________________ > cryptography mailing list > [email protected] > http://lists.randombit.net/mailman/listinfo/cryptography -- Noon Silk http://dnoondt.wordpress.com/ (Noon Silk) | http://www.mirios.com.au:8081 > "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature." _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
