On Monday, September 29, 2003, at 10:55 AM, Alex Rice wrote:
#723 "improved stack encryption capability"
The entry #577, "put stack into variable", might be generalized to allow 'save', 'open', and 'start using' to refer to variables.
Perhaps with that encrypted stacks could then be saved in custom properties and decrypted before use. A script that looks forward to this might save the stack into a temporary folder and then open or start using.
This reduces the problem to an encryption problem.
The biggest part of that is not the method or the speed, but the logistics of keeping up with signatures and the like to allow users to verify the integrity of the module. Users will need to depend on the integrity of signers and either their experience and dedication to managing signed code or the review-ability of the code. To me, this means that initial encryption modules must be in Transcript, but I would consider an external. Another possibility would be external programs run by shell for some needs.
We might consider which possible performance enhancements might best support encryption. I think #586 would help in encryption and not just for speed reasons.
Variations on Blowfish might work. (I don't mean variation as in fiddling with it, I mean in application and handling ends.) If the situation is OK for using a stream cypher that works just the same as the one with the trademarked name RC4, I'd like that. I have yet to figure out how to get a SEAL license from IBM, so that is probably out.
However, for the light needs of most people here, I think we can put together a simple stream cypher that can be reviewed easily. Even though it might be weak, it might be better than some because it is reviewable.
Dar Scott
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
