Forums: » Register « |  Free Tools |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support |

New Free Tools on Dev Shed!

#1
September 13th, 2013, 11:49 AM
 RickBraun
Registered User

Join Date: Sep 2013
Posts: 19
Time spent in forums: 2 h 24 m 27 sec
Reputation Power: 0
Salting salsa20 in Python 3.x

Someone recommended a course in cryptography being offered over the internet. Pretty early on I learned about the salsa20 stream cipher.

Simple arithmetic tells me that an insignificant repetition probability in 2^40 occurrences is enough to cover 10 gig of data, which is plenty for most uses provided that a brand new cipher is generated for all 10-gig data units.

So I guess I need a 4-byte salt that does not offer a significant chance of repetition in 2^40 occurrences.

I know the Python random module doesn't provide that. What does, and how can I use it to generate the salt?

#2
September 13th, 2013, 12:03 PM
 b49P23TIvg
Contributing User

Join Date: Aug 2011
Posts: 4,169
Time spent in forums: 1 Month 3 Weeks 2 Days 10 h 13 m
Reputation Power: 455
Look at the random number generators in the gsl. Probably some of them have a sufficiently long period.

I don't know why you need 2**80 amount of data, then again, I don't understand all that well so never mind.
__________________
[code]Code tags[/code] are essential for python code!

#3
September 13th, 2013, 12:07 PM
 RickBraun
Registered User

Join Date: Sep 2013
Posts: 19
Time spent in forums: 2 h 24 m 27 sec
Reputation Power: 0
The idea is to have an insignificant rate of repetition over the entire life of the stream cipher key, because rate of repetition is a very basic vulnerability in stream encryption. A period of 2**30 offers a significant rate of repetition, but a period of 2**80 does not.

#4
September 13th, 2013, 01:39 PM
 b49P23TIvg
Contributing User

Join Date: Aug 2011
Posts: 4,169
Time spent in forums: 1 Month 3 Weeks 2 Days 10 h 13 m
Reputation Power: 455
I think the problem of repetitious salt is related to this at rosettacode.org
Every now and then I consider cracking this message. I haven't peeked at the answer!

#5
September 13th, 2013, 02:01 PM
 RickBraun
Registered User

Join Date: Sep 2013
Posts: 19
Time spent in forums: 2 h 24 m 27 sec
Reputation Power: 0
I did look at people's suggested solutions in various languages, and the Python solution is the only one that does the job without either requiring further user decisions, or relying on multiple scripts, or having a limitation on accidentally occurring English words in the cyphertext.I've copied and saved the Python script on my hard drive so I can study it offline. I note that it does the whole job by importing only two methods from two modules--not two actual modules, just two methods. Plus it's reasonably short. Thanks very much for referring me to that page!

But, as far as I know, the Vigenere cipher is not a stream cipher, and there are older, lower-tech ways to crack it, which were actually figured out not long after the Vigenere cipher was first used in practice.

#6
September 13th, 2013, 02:26 PM
 dwblas
Contributing User

Join Date: May 2009
Posts: 414
Time spent in forums: 5 Days 5 h 50 m 33 sec
Reputation Power: 32
I'm not familar with this either, but Python does include a SystemRandom class which uses various system resources to produce the numbers so should not repeat beyond what ever the "norm" is for that size of data.

"Sequences produced by SystemRandom are not reproducable because the randomness is coming from the system, rather than software state"

Last edited by dwblas : September 13th, 2013 at 02:38 PM.

#7
September 13th, 2013, 03:47 PM
 RickBraun
Registered User

Join Date: Sep 2013
Posts: 19
Time spent in forums: 2 h 24 m 27 sec
Reputation Power: 0
Here's the full text from the introductory description:

Quote:
 Some operating systems provide a random number generator that has access to more sources of entropy that can be introduced into the generator. random exposes this feature through the SystemRandom class, which has the same API as Random but uses os.urandom() to generate the values that form the basis of all of the other algorithms.

I'm pretty sure Linux OSs of all descriptions support this, but the question is what the predictability is. I'll have to ask around to find out about that.

 Viewing: Dev Shed Forums > Programming Languages > Python Programming > Salting salsa20 in Python 3.x