Re: ANN: obfuscate 0.2.2
On Monday, November 13, 2017 at 6:03:23 PM UTC-6, joshj...@gmail.com wrote: > for importing obfuscate do we just type in import obfuscate > or import obfuscate 0.2.2 Oh boy. I had forgotten about this little community "gem" dating back to 2010. And unfortunately for comrade Steven, there is no way to obfuscate this thread! Not even double rot13 will help! :-)) -- https://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
for importing obfuscate do we just type in import obfuscate or import obfuscate 0.2.2 -- https://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
On Sat, 10 Apr 2010 13:34:17 -0700, Paul Rubin wrote: Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). Ha ha, that's funny! I've never heard that one before! *wink* I may add a quadruple-rot13 to the next release. Would you like credit? obfuscate does include ciphers which, prior to the invention of the computer, were good enough for real world use. E.g. the Playfair cipher was still in use for field communications in World War 2, e.g: http://practicalcryptography.com/ciphers/playfair-cipher/ and of course Vigenere is uncrackable if you provide it with a cryptographically random key as long as the message which you use only once. (In that case, it is a one-time-pad.) -- Steven -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
On Sun, Apr 11, 2010 at 1:17 AM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: On Sat, 10 Apr 2010 13:34:17 -0700, Paul Rubin wrote: Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). Ha ha, that's funny! I've never heard that one before! *wink* I think I lost a sarcasm detector to this line- are you being serious? Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
On Sun, 11 Apr 2010 03:00:50 +, geremy condra wrote: On Sun, Apr 11, 2010 at 1:17 AM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: On Sat, 10 Apr 2010 13:34:17 -0700, Paul Rubin wrote: Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). Ha ha, that's funny! I've never heard that one before! *wink* I think I lost a sarcasm detector to this line- are you being serious? Possibly I overloaded your sarcasm detector and broke it. No, I'm not serious. If I had a dollar for every time somebody suggested using rot13 twice for extra security, I could buy out Microsoft. Hell, if I had a dollar for every time *I* suggested using rot13 twice, I could buy out Google. -- Steven -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
In article mailman.1734.1270954853.23598.python-l...@python.org, geremy condra debat...@gmail.com wrote: On Sun, Apr 11, 2010 at 1:17 AM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: On Sat, 10 Apr 2010 13:34:17 -0700, Paul Rubin wrote: Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). Ha ha, that's funny! I've never heard that one before! *wink* I think I lost a sarcasm detector to this line- are you being serious? There are people who have a .sig that says, This message protected by double-rot13 for extra security. It's an extremely common jape. -- Aahz (a...@pythoncraft.com) * http://www.pythoncraft.com/ It is easier to optimize correct code than to correct optimized code. --Bill Harlan -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
On Sun, Apr 11, 2010 at 3:44 AM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: On Sun, 11 Apr 2010 03:00:50 +, geremy condra wrote: On Sun, Apr 11, 2010 at 1:17 AM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: On Sat, 10 Apr 2010 13:34:17 -0700, Paul Rubin wrote: Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). Ha ha, that's funny! I've never heard that one before! *wink* I think I lost a sarcasm detector to this line- are you being serious? Possibly I overloaded your sarcasm detector and broke it. I figured, but given how severely it broke I couldn't be sure. I suppose the fact that you used exclamation points should have tipped me off, though. Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate 0.2.2
On Sun, Apr 11, 2010 at 4:37 AM, Aahz a...@pythoncraft.com wrote: In article mailman.1734.1270954853.23598.python-l...@python.org, geremy condra debat...@gmail.com wrote: On Sun, Apr 11, 2010 at 1:17 AM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: On Sat, 10 Apr 2010 13:34:17 -0700, Paul Rubin wrote: Steven D'Aprano st...@remove-this-cybersource.com.au writes: DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. Certainly no one should never use obfuscate's rot13 function for high security. Use at least double-rot13 instead, or maybe even quadruple rot13 ;-). Ha ha, that's funny! I've never heard that one before! *wink* I think I lost a sarcasm detector to this line- are you being serious? There are people who have a .sig that says, This message protected by double-rot13 for extra security. It's an extremely common jape. I work in infosec. I've heard it ;) Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On 11/02/2010 11:32, Paul Rubin wrote: Gregory Ewinggreg.ew...@canterbury.ac.nz writes: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. I think you are thinking of the Kriegsmarine (naval) Enigma. Yes they were more careful with procedures, but the machine was also harder to crack because it had four rotors instead of three. IIRC, the Brits were eventually (1942?) able to capture one by shooting up a German submarine and boarding it to get the machine while the sub was sinking; a British sailor wasn't able to get out in time and drowned during that operation. Getting the rotor settings off the captured unit (they may have had to do it more than once) was enough to get a foothold into the code. My memory is hazy on this by now so I may have some parts wrong, but David Kahn's book Seizing the Enigma tells the story (I read it many years ago). A fictionalized version appears in Neil Stephenson's novel Cryptonomicon. And for those who haven't been to Bletchley Park [*] I recommend it. Not only is it full of interesting stuff, but it has an engagingly amateurish air about it which I personally prefer to the sleek-and-shiny nature of many museum-y places today. When I was there last summer I was disappointed to see that they'd closed the Pigeon Museum. But the Model Railway club was still there (altho' we were too late in the day to get in) and the new Computing Museum is full of delightful nostalgic clutter being worked on by enthusiastic people. My kind of place.. TJG [*] http://www.bletchleypark.org.uk/ -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
in 16 20100212 034121 Paul Rubin no.em...@nospam.invalid wrote: See http://en.wikipedia.org/wiki/Colossus_computer That was almost at the end of the war though. Colossus was working by the end of 1943 - the year that the Americans first dropped bombs on Germany ;-) -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Mark Lawrence breamore...@yahoo.co.uk writes: The predecessor of the Enigma was cracked by Polish scientists years before WW2 started I believe that all of Enigma was eventually cracked cos of two major flaws. I think it never would have been cracked if it hadn't been cracked (whether by the Brits or the Poles) before the war started, using commercial versions of the Enigma that they had access to. The military Enigma and its operating methods got more sophisticated as the war went on, and the cryptanalysts were able to keep up with it by incrementally improving techniques that they were already using at scale. If they were suddenly confronted with the full-blown military system in the middle of the war, it would have been a lot harder to do anything about it. At least, most of the Enigma-related books I've read give that impression and even come out and say such things. Further, the far more powerful Geheimscreiber was also cracked at Bletchley by using Colossus. Sorry some years since I read the book about this so can't remember the title or author. See http://en.wikipedia.org/wiki/Colossus_computer That was almost at the end of the war though. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Bob Martin wrote: in 16 20100212 034121 Paul Rubin no.em...@nospam.invalid wrote: See http://en.wikipedia.org/wiki/Colossus_computer That was almost at the end of the war though. Colossus was working by the end of 1943 - the year that the Americans first dropped bombs on Germany ;-) sept 1939 - sept 1945. It's nearer from the end, than from the begining. JM -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
in 144460 20100212 103319 Jean-Michel Pichavant jeanmic...@sequans.com wrote: Bob Martin wrote: in 16 20100212 034121 Paul Rubin no.em...@nospam.invalid wrote: See http://en.wikipedia.org/wiki/Colossus_computer That was almost at the end of the war though. Colossus was working by the end of 1943 - the year that the Americans first dropped bombs on Germany ;-) sept 1939 - sept 1945. It's nearer from the end, than from the begining. If I must spell it out ;-) Near the end for us Brits but the Americans were only just getting into the action in Europe. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Paul Rubin wrote: Mark Lawrence breamore...@yahoo.co.uk writes: The predecessor of the Enigma was cracked by Polish scientists years before WW2 started I believe that all of Enigma was eventually cracked cos of two major flaws. I think it never would have been cracked if it hadn't been cracked (whether by the Brits or the Poles) before the war started, using commercial versions of the Enigma that they had access to. The military Enigma and its operating methods got more sophisticated as the war went on, and the cryptanalysts were able to keep up with it by incrementally improving techniques that they were already using at scale. If they were suddenly confronted with the full-blown military system in the middle of the war, it would have been a lot harder to do anything about it. At least, most of the Enigma-related books I've read give that impression and even come out and say such things. I completely agree. Further, the far more powerful Geheimscreiber was also cracked at Bletchley by using Colossus. Sorry some years since I read the book about this so can't remember the title or author. See http://en.wikipedia.org/wiki/Colossus_computer That was almost at the end of the war though. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Gregory Ewing wrote: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. IIRC some versions of the Enigma weren't cracked because they used a different setup and different daily keys. The predecessor of the Enigma was cracked by Polish scientists years before WW2 started. Some flaws in the instructions and a known plain text attack made the crack of the Enigma practical. It took the British scientists merely hours rather than days or weeks to decipher the daily key with some smart tricks. For example they started fake attacks on ships or cities just to have the names in some encrypted reports. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Daniel Fetchinson wrote: It also turned out that everybody mostly writes his/her own obfuscation routine. Hey, it gives you the additional advantage of obfuscation by obscurity! -- Greg -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Gregory Ewing greg.ew...@canterbury.ac.nz writes: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. I think you are thinking of the Kriegsmarine (naval) Enigma. Yes they were more careful with procedures, but the machine was also harder to crack because it had four rotors instead of three. IIRC, the Brits were eventually (1942?) able to capture one by shooting up a German submarine and boarding it to get the machine while the sub was sinking; a British sailor wasn't able to get out in time and drowned during that operation. Getting the rotor settings off the captured unit (they may have had to do it more than once) was enough to get a foothold into the code. My memory is hazy on this by now so I may have some parts wrong, but David Kahn's book Seizing the Enigma tells the story (I read it many years ago). A fictionalized version appears in Neil Stephenson's novel Cryptonomicon. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Christian Heimes wrote: Gregory Ewing wrote: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. IIRC some versions of the Enigma weren't cracked because they used a different setup and different daily keys. The predecessor of the Enigma was cracked by Polish scientists years before WW2 started. Some flaws in the instructions and a known plain text attack made the crack of the Enigma practical. It took the British scientists merely hours rather than days or weeks to decipher the daily key with some smart tricks. For example they started fake attacks on ships or cities just to have the names in some encrypted reports. In some cases the British had decoded the messages before the intended recipient! The Americans decoded Japanese messages about an planned attack on an island, but didn't know which one because of the fake names, so they instructed their bases to report certain problems in a way that the Japanese could decode. Midway reported a shortage of water, the Japanese decoded it and sent a message about it, the Americans decoded their message and discovered that island's fake name, and thus found out that Midway was the intended target of the attack. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Paul Rubin wrote: Gregory Ewing greg.ew...@canterbury.ac.nz writes: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. I think you are thinking of the Kriegsmarine (naval) Enigma. Yes they were more careful with procedures, but the machine was also harder to crack because it had four rotors instead of three. IIRC, the Brits were eventually (1942?) able to capture one by shooting up a German submarine and boarding it to get the machine while the sub was sinking; a British sailor wasn't able to get out in time and drowned during that operation. Getting the rotor settings off the captured unit (they may have had to do it more than once) was enough to get a foothold into the code. My memory is hazy on this by now so I may have some parts wrong, but David Kahn's book Seizing the Enigma tells the story (I read it many years ago). A fictionalized version appears in Neil Stephenson's novel Cryptonomicon. U-559? I think that's the one where Hollywood made a film about it, but portraying it as a purely American action. That didn't go down too well in the UK! -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Paul Rubin wrote: Gregory Ewing greg.ew...@canterbury.ac.nz writes: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. I think you are thinking of the Kriegsmarine (naval) Enigma. Yes they were more careful with procedures, but the machine was also harder to crack because it had four rotors instead of three. IIRC, the Brits were eventually (1942?) able to capture one by shooting up a German submarine and boarding it to get the machine while the sub was sinking; a British sailor wasn't able to get out in time and drowned during that operation. Getting the rotor settings off the captured unit (they may have had to do it more than once) was enough to get a foothold into the code. My memory is hazy on this by now so I may have some parts wrong, but David Kahn's book Seizing the Enigma tells the story (I read it many years ago). A fictionalized version appears in Neil Stephenson's novel Cryptonomicon. U-559? I think that's the one where Hollywood made a film about it, but portraying it as a purely American action. That didn't go down too well in the UK! -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Christian Heimes wrote: Gregory Ewing wrote: Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. IIRC some versions of the Enigma weren't cracked because they used a different setup and different daily keys. The predecessor of the Enigma was cracked by Polish scientists years before WW2 started. Some flaws in the instructions and a known plain text attack made the crack of the Enigma practical. It took the British scientists merely hours rather than days or weeks to decipher the daily key with some smart tricks. For example they started fake attacks on ships or cities just to have the names in some encrypted reports. I believe that all of Enigma was eventually cracked cos of two major flaws. 1) A letter could never be sent as itself. 2) The Luftwaffe were very poor when compared to the Wehrmacht or Kriegsmarine about security so they were a major leak of data regarding the other organisations. 3) The users instead of using random three letter combinations kept using the same ones. HIT LER and BER LIN were popular, but the most famous one at Bletchley Park was the name of the guy's girlfriend. Further, the far more powerful Geheimscreiber was also cracked at Bletchley by using Colossus. Sorry some years since I read the book about this so can't remember the title or author. Regards. Mark Lawrence. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
All algorithms in obfuscate are obsolete, insecure and only interesting for people *that* want to get well educated in the history of encryption. Not true. Another use case is suggested by the chosen name for the library: to obfuscate text against casual human reading, while not making it at all difficult to decrypt by people who are motivated to do so. The classic example is rot-13 encryption of text in internet messages; it would be a failure of imagination to suggest there are not other, similar use cases. I fully agree. Judging by the posts on c.l.p the need for simple obfuscation regularly comes up. I also posted something not so long ago and got all sorts of useful advice, a package here, a module there, etc. It also turned out that everybody mostly writes his/her own obfuscation routine. That is why I suggested that perhaps if the code base stabilizes an inclusion into the stdlib could be discussed. I'm not sure it really needs to go there but if it turns out that as many people need this kind of stuff as I imagine it, well, then we have enough use cases for sure. Grab pycrypto, m2crypto or one of the other packages if you need a minimum amount of security. Agreed. However, for cases that *don't* need security from determined attackers, I don't think those obviate the usefulness of this library. Exactly. Cheers, Daniel -- Psss, psss, put it down! - http://www.cafepress.com/putitdown -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On 10 February 2010 01:24, Ben Finney ben+pyt...@benfinney.id.au wrote:
The classic example is rot-13 encryption of text in internet messages;
it would be a failure of imagination to suggest there are not other,
similar use cases.
That's built-in:
Hello World!.encode('rot-13')
'Uryyb Jbeyq!'
--
Cheers,
Simon B.
--
http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On 10/02/2010 11:23, Simon Brunning wrote:
Hello World!.encode('rot-13')
Not any more!
dump
Python 3.1.1 (r311:74483, Aug 17 2009,
win32
Type help, copyright, credits or
Hello World!.encode('rot-13')
Traceback (most recent call last):
File stdin, line 1, in module
LookupError: unknown encoding: rot-13
/dump
TJG
--
http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Christian Heimes wrote: A much, much stronger version of the principles behind Vigenère was used in the German Enigma machine. Because the algorithm was still not good enought some clever guy called Turing and his team was able to crack the enigma. Actually I gather it had a lot to do with the fact that the Germans made some blunders in the way they used the Enigma that seriously compromised its security. There was reportedly a branch of the German forces that used their Enigmas differently, avoiding those mistakes, and the British never managed to crack any of their messages. -- Greg -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
In article 00fa27a3$0$15628$c3e8...@news.astraweb.com, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: I am pleased to announce the first public release of obfuscate 0.2.2a. http://pypi.python.org/pypi/obfuscate/0.2.2a obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) No pig latin? -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
I am pleased to announce the first public release of obfuscate 0.2.2a. http://pypi.python.org/pypi/obfuscate/0.2.2a obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) and others. DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. (The ciphers provided in obfuscate may have been state of the art centuries ago, but should not be used where strong encryption is required. obfuscate is released under the MIT licence. Requires Python 2.5 or 2.6. Great, these packages are badly needed! If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Cheers, Daniel -- Psss, psss, put it down! - http://www.cafepress.com/putitdown -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: I am pleased to announce the first public release of obfuscate 0.2.2a. http://pypi.python.org/pypi/obfuscate/0.2.2a obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) and others. DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. (The ciphers provided in obfuscate may have been state of the art centuries ago, but should not be used where strong encryption is required. obfuscate is released under the MIT licence. Requires Python 2.5 or 2.6. Great, these packages are badly needed! If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? -- Robert Kern I have come to believe that the whole world is an enigma, a harmless enigma that is made terrible by our own mad attempt to interpret it as though it had an underlying truth. -- Umberto Eco -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
In article mailman.2238.1265733013.28905.python-l...@python.org, Robert Kern robert.k...@gmail.com wrote: On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. (The ciphers provided in obfuscate may have been state of the art centuries ago, but should not be used where strong encryption is required. Great, these packages are badly needed! If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? You missed the white-on-white smiley, I think. -- Aahz (a...@pythoncraft.com) * http://www.pythoncraft.com/ import antigravity -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On 9 February 2010 16:29, Robert Kern robert.k...@gmail.com wrote: On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? I agree. Why wait? Put them in the stdlib now! -- Cheers, Simon B. -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On Tue, Feb 9, 2010 at 5:10 PM, Simon Brunning si...@brunningonline.net wrote: On 9 February 2010 16:29, Robert Kern robert.k...@gmail.com wrote: On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? I agree. Why wait? Put them in the stdlib now! -- Cheers, Simon B. Can we please stop this? -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
* David Robinow: On Tue, Feb 9, 2010 at 5:10 PM, Simon Brunning si...@brunningonline.net wrote: On 9 February 2010 16:29, Robert Kern robert.k...@gmail.com wrote: On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? I agree. Why wait? Put them in the stdlib now! Can we please stop this? I agree. I haven't looked at the code but the functionality that's listed is useful, e.g. in a Usenet client, and it's fun to play around with for a beginner. Also, for example, Christian Heimes wrote else-thread: «Your work should be interesting for everybody who has read Simon Sing's The Code Book: The Science of Secrecy from Ancient Egypt to Quantum» (and I for one have that book). Cheers, - Alf -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On 10-02-2010 00:09, Alf P. Steinbach wrote: * David Robinow: On Tue, Feb 9, 2010 at 5:10 PM, Simon Brunning si...@brunningonline.net wrote: On 9 February 2010 16:29, Robert Kern robert.k...@gmail.com wrote: On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? I agree. Why wait? Put them in the stdlib now! Can we please stop this? I agree. sorry I don't, unless Python is only meant for the very well educated people in encryption. I haven't looked at the code but the functionality that's listed is useful, e.g. in a Usenet client, and it's fun to play around with for a beginner. I neither did look at the code, but as a beginner with just 3 years of experience in Python, I've tried several scrambling libs, for a quick and dirty use. All were much too difficult, so I made my own xor-something. Coming from Delphi, a scrambling lib is working is less than 10 minutes, without the need of any knowledge of encryption. I prefer Python over Delphi, but some things are made very complex in Python. cheers, Stef Also, for example, Christian Heimes wrote else-thread: «Your work should be interesting for everybody who has read Simon Sing's The Code Book: The Science of Secrecy from Ancient Egypt to Quantum» (and I for one have that book). Cheers, - Alf -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On Feb 9, 7:21 am, Roy Smith r...@panix.com wrote: In article 00fa27a3$0$15628$c3e8...@news.astraweb.com, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: [..] No pig latin? Wait a minute guys, Stevens a well known prankster and comic relief clown around here, I think he's just shining us all on! ;o) -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
En Tue, 09 Feb 2010 20:27:13 -0300, Stef Mientki stef.mien...@gmail.com escribió: On 10-02-2010 00:09, Alf P. Steinbach wrote: * David Robinow: On Tue, Feb 9, 2010 at 5:10 PM, Simon Brunning si...@brunningonline.net wrote: On 9 February 2010 16:29, Robert Kern robert.k...@gmail.com wrote: On 2010-02-09 09:37 AM, Daniel Fetchinson wrote: If the code base stabilizes in a production version after losing the alphas and betas they would be a great addition to the stdlib, I think. Why? I agree. Why wait? Put them in the stdlib now! Can we please stop this? I agree. sorry I don't, unless Python is only meant for the very well educated people in encryption. I haven't looked at the code but the functionality that's listed is useful, e.g. in a Usenet client, and it's fun to play around with for a beginner. I neither did look at the code, but as a beginner with just 3 years of experience in Python, I've tried several scrambling libs, for a quick and dirty use. All were much too difficult, so I made my own xor-something. Coming from Delphi, a scrambling lib is working is less than 10 minutes, without the need of any knowledge of encryption. I prefer Python over Delphi, but some things are made very complex in Python. Are you sure? def xor(s, key): ... return ''.join(chr(ord(c)^key) for c in s) ... txt = Hello world! xor(txt, 123) '3\x1e\x17\x17\x14[\x0c\x14\t\x17\x1fZ' xor(_, 123) 'Hello world!' The Delphi code would be certainly longer than that, some variation of: function encrypt_xor(const s: string; key: integer); var i: integer; begin SetLength(Result, length(s)); for i:=1 to length(s) do begin Result[i] := chr(ord(s[i]) xor key); end; end; (untested) -- Gabriel Genellina -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Stef Mientki wrote: sorry I don't, unless Python is only meant for the very well educated people in encryption. All algorithms in obfuscate are obsolete, insecure and only interesting for people *that* want to get well educated in the history of encryption. I neither did look at the code, but as a beginner with just 3 years of experience in Python, I've tried several scrambling libs, for a quick and dirty use. All were much too difficult, so I made my own xor-something. Coming from Delphi, a scrambling lib is working is less than 10 minutes, without the need of any knowledge of encryption. I prefer Python over Delphi, but some things are made very complex in Python. It's tricky to implement modern cryptographic algorithms with Python. Most example codes are written in C and the implementations are using overflow (e.g. 255 + 1 == 0) a lot. It took me twice as long to get the TEA family (TEA, XTEA, XXTEA) crypt functions right in Python than I required to wrap existing code in an handwritten C interface. One of the strongest encryption algorithm in the list -- Vigenère -- was crack over 150 years (!) ago. A much, much stronger version of the principles behind Vigenère was used in the German Enigma machine. Because the algorithm was still not good enought some clever guy called Turing and his team was able to crack the enigma. It's one of the main reasons the Germans were defeated and the world doesn't look like in Robert Harris Fatherland today. Oh, and we go computers, too. ;) Grab pycrypto, m2crypto or one of the other packages if you need a minimum amount of security. Christian -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Christian Heimes li...@cheimes.de writes: All algorithms in obfuscate are obsolete, insecure and only interesting for people *that* want to get well educated in the history of encryption. Not true. Another use case is suggested by the chosen name for the library: to obfuscate text against casual human reading, while not making it at all difficult to decrypt by people who are motivated to do so. The classic example is rot-13 encryption of text in internet messages; it would be a failure of imagination to suggest there are not other, similar use cases. Grab pycrypto, m2crypto or one of the other packages if you need a minimum amount of security. Agreed. However, for cases that *don't* need security from determined attackers, I don't think those obviate the usefulness of this library. -- \ “Reality must take precedence over public relations, for nature | `\cannot be fooled.” —Richard P. Feynman | _o__) | Ben Finney -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On Wed, 10 Feb 2010 02:03:47 +0100, Christian Heimes wrote: Stef Mientki wrote: sorry I don't, unless Python is only meant for the very well educated people in encryption. All algorithms in obfuscate are obsolete, insecure and only interesting for people *that* want to get well educated in the history of encryption. [...] Grab pycrypto, m2crypto or one of the other packages if you need a minimum amount of security. As the author of obfuscate, I would like to second Christian's statement. obfuscate is NOT meant for serious security, as I state in both the source code and the documentation to the module. That's not to say that it can't be useful for some people -- I wouldn't have spent the time writing it if I didn't think it was useful. But it is useful for obfuscation, education and puzzles, not for secure encryption. I'm not sure how serious the calls for this to be added to the standard library are. If they're serious, I'm grateful for the votes of confidence from people, but I can't imagine Guido saying yes. In any case, it's premature to talk about adding it to the std library while it is still in alpha. Thank you for all the comments, even the tongue-in-cheek ones. This has exceeded my wildest expectations! I'm always interested in feedback, good and bad, either publicly or privately. -- Steven -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Steven D'Aprano schrieb: I am pleased to announce the first public release of obfuscate 0.2.2a. http://pypi.python.org/pypi/obfuscate/0.2.2a obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) Nice work! Your work should be interesting for everybody who has read Simon Sing's The Code Book: The Science of Secrecy from Ancient Egypt to Quantum. Christian -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
On Mon, Feb 8, 2010 at 6:46 PM, Steven D'Aprano st...@remove-this-cybersource.com.au wrote: I am pleased to announce the first public release of obfuscate 0.2.2a. http://pypi.python.org/pypi/obfuscate/0.2.2a obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) and others. DISCLAIMER: obfuscate is not cryptographically strong, and should not be used where high security is required. (The ciphers provided in obfuscate may have been state of the art centuries ago, but should not be used where strong encryption is required. obfuscate is released under the MIT licence. Requires Python 2.5 or 2.6. -- Steven D'Aprano -- http://mail.python.org/mailman/listinfo/python-list Nice! Maybe someday you can extend it with a pen-and-paper signature scheme ;) Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Steven D'Aprano wrote: obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) I prefer the strength of Triple ROT-13 for my obfuscation needs, but I don't see it listed here. I guess I'll have to roll my own despite the dire warnings against amateur cryptographers authoring their own unvetted implementations. ;-) -tkc -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
I always though a double rot13 followed by a rot26 was the best? On Mon, Feb 8, 2010 at 9:19 PM, Tim Chase python.l...@tim.thechases.comwrote: Steven D'Aprano wrote: obfuscate is a pure-Python module providing classical encryption algorithms suitable for obfuscating and unobfuscating text. obfuscate includes the following ciphers: - Caesar, rot13, rot5, rot18, rot47 - atbash - Playfair, Playfair6 and Playfair16 - Railfence (encryption only) - Keyword - Affine - Vigenere - frob (xor) I prefer the strength of Triple ROT-13 for my obfuscation needs, but I don't see it listed here. I guess I'll have to roll my own despite the dire warnings against amateur cryptographers authoring their own unvetted implementations. ;-) -tkc -- http://mail.python.org/mailman/listinfo/python-list -- http://mail.python.org/mailman/listinfo/python-list
Re: ANN: obfuscate
Tim Chase wrote: I prefer the strength of Triple ROT-13 for my obfuscation needs, but I don't see it listed here. That's old hat -- with the advent of 3GHz cpus and GPGPU, all the experts are recommending quadruple ROT-128 nowadays. -- Greg -- http://mail.python.org/mailman/listinfo/python-list
