Re: Encryption using perl core functions only

redhotpenguin,
On top of that, crypt isn't implemented in perl :)

You must be talking about the Unix utility and not the C library since crypt is a built-in perl function.

Good encryption algorithms are needed when the algorithm itself is known. This is the case for both symmetrical and asymmetrical encryption. It sounds like you are just trying to obscure the data from a would be bad guy. In this case, you can engineer any data obscure solution you want. In other words, your algorithm itself can be the shared secret.

For example: Assume you have a very large book where every given word you want to encrypt appears multiple times. You could make your message a secret by replacing each word with the page number and number of words from the beginning where the word appears. Now "11, 5" only means something if both parties know which book is being used. Changing the books regularly in an "out of band" process adds to the difficulty in learning the secret.

Cheers - L~R

Comment on Re: Encryption using perl core functions only

Replies are listed 'Best First'.
Re^2: Encryption using perl core functions only by Anonymous Monk on Nov 25, 2007 at 22:39 UTC
>> On top of that, crypt isn't implemented in perl :) > You must be talking about the Unix utility and not the C > library since crypt is a built-in perl function. Not exactly, the embedded platform used a microperl installation, and the perl crypt function is not implemented in that version. I am trying to obscure the data from a bad guy during transit - that is, I forgo security if they have access to either computer. If I rot the data, my fear is that someone can identify that algorithm easily. I am also looking at the option of using an embedded libopenssl package, and calling out to that through backticks.	[reply]
Re^3: Encryption using perl core functions only by Limbic~Region (Chancellor) on Nov 25, 2007 at 22:48 UTC
Anonymous Monk/redhotpenguin, The perl crypt function wouldn't help you even if it were available since it is a 1-way hashing library and not an encryption/decryption utility. If you are only interested in protecting the data in transit, using an existing library like SSL is the lowest cost solution assuming it is available. I am not sure you understood what I was saying about using the algorithm as your shared secret. You could pick any data hiding you want that is more sophisticated than rot-13. If you don't provide people access to the algorithm than getting the secret isn't going to be very easy. If you don't believe me, I will design an algorithm and post a secret message to see how long it takes you to decipher it. Cheers - L~R	[reply]
Re^4: Encryption using perl core functions only by redhotpenguin (Deacon) on Nov 25, 2007 at 23:00 UTC
I do understand what you mean by the algorithm as the shared secret, I am just a bit wary of inventing my own here as with my luck someone will see it and say "oh that's a rot15 modified cubic", etc. Partially paranoid yes, but probably better than not taking any time to think about the implications of what I'm doing.	[reply]
Re^5: Encryption using perl core functions only by Limbic~Region (Chancellor) on Nov 25, 2007 at 23:07 UTC
Re^6: Encryption using perl core functions only by redhotpenguin (Deacon) on Nov 25, 2007 at 23:18 UTC


The stupid question is the question not asked
	PerlMonks