Snipplr

(Python) Improved ARC4 (IARC4) - weilawei

Fri, 20 Jul 2012 05:48:09 UTC

This code is public domain. Improved ARC4 (IARC4) contains a number of proposed improvements over naive ARC4: - Uses KSA from VMPC minus an IV. - Uses 2 state spaces (RC4A). Splits the key and nonce to produce a key and nonce for each state space. Each subkey and subnonce is XOR'd together to produce a new subkey. **TODO**: They should be hashed, but they are not currently, until I select a hash function with an appropriately sized output, which won't limit the keyspace available to IARC4. - Takes a nonce alongside the key. The key and nonce must be random and of even, equal length, with 512 bytes per key/nonce suggested. - Drops the first 8192 (4096 per state space) iterations of the PRNG (RC4-drop8192). - A KeyExpiredError is raised after 255 iterations of the PRNG, excluding the initial drop. Passing the `expires` option to IARC4 will alter this limit. This code should not be considered secure. It has not been cryptanalyzed and should not be used in production. This code is strictly experimental.

(Python) Simple XOR Hash - weilawei

Sat, 02 Jun 2012 00:20:34 UTC

This is a simple hash that pads its input to the block size and XORs every block together. Output is in hexadecimal octets. Probability of collisions is extremely high and they are easy to calculate, although the function is one-way, so this is more (though, not very) useful as a checksum.

(Clojure) Axis-Aligned Bounding Box - weilawei

Mon, 07 May 2012 00:50:21 UTC

make-aabb [a-point b-point] [a-point b-point]: Creates a 3D Axis-Aligned Bounding Box (AABB). aabb-contains? [a-box a-point]: Returns true if a 3D AABB contains a given point.

(Python) A Clueless Agent Generator for Python 3.2 - weilawei

Mon, 07 May 2012 00:01:14 UTC

This is an implementation of a clueless agent generator which creates self-decrypting clueless agents as described in "Environmental Key Generation towards Clueless Agents" by J. Riordan and B. Schneier. It requires Python 3.2 and PyCrypto of a recent build (tested with 2.4 and higher). To use, pass a python file (or other file) to be encrypted, followed by a series of "observations" on the command line. These observations are hashed to yield the encryption key. A signature is generated by hashing the key, and this signature will be expected to be present in the target environment. Pipe the resulting agent to a file or see the agent code directly on stdout. Additionally, there is an is_debug flag that can be specified (see the source) or tweaked in the resulting agent, to be more verbose. To attempt decryption/execution of a clueless agent, simply run the generated python script (agent) and pass a set of observations on the command line. If the hash of the hash of the observations match the signature, the hash of the observations will be used as the decryption key. If the signature does not match, the agent will exit with no output. The code previously directly exec()'d the resulting code, however, it simply outputs to stdout now. The resulting code would otherwise execute directly in-line, at that location in the program, which has many undesirable consequences. Piping it to a file and executing, piping it to a memory-backed temporary file and executing it, or placing the resulting code directly in memory afterward and then executing it, are all ways to run the code contained within. This makes it fundamentally little different from encrypting a file directly, except that the key is environmentally generated, perhaps by a daemon that feeds environmental observations on the command line to the agent. Note, you can encrypt more than Python scripts, and agents can be made to contain themselves. $ ./agent_generator.py plaincode.py 0 > cipheragent.py $ ./agent_generator.py cipheragent.py some more observations > double_agent.py $ ./double_agent.py wrong observations --nothing here-- $ ./double_agent.py some more observations > cipheragent_2.py --cipheragent_2.py now holds the same content as cipheragent.py-- $ ./cipheragent.py 0 > plaincode_2.py --plaincode_2.py now holds the same content as plaincode.py-- $ ./plaincode_2.py --should yield the same as-- $ ./plaincode.py

(Python) A Symmetric Somewhat Homomorphic Encryption Implementation - weilawei

Wed, 28 Mar 2012 09:46:18 UTC

This is an implementation of a symmetric SWHE from section 3.2 of "Computing Arbitrary Functions of Encrypted Data" by Craig Gentry. It contains a small modification (namely, the addition of a modulus parameter to allow a greater-than-2-element plaintext space). Examples provided illustrate the encryption/decryption of a value, addition and multiplication, the basic AND and XOR gates, and complex gates (circuits) for NOT, OR, NAND, NOR, IF, and RIGHT ROTATE. Note that I'm not a cryptographer, so I can't vouch for the correctness of this. If you find a bug, PLEASE post a comment below. Also, note that this is a toy, not production code: performing too many consecutive operations can easily cause values to exceed machine word size, and it's probably vulnerable to any number of attacks. NOTE: Using a modulus other than 2 should be considered dangerous--and remember, this is only a TOY. Do not use in production.