Anthra Norell wrote: > I rolled my own for relatively short sequences, like passwords. The key is > an integer. To decrypt use the negative encryption key. I consider the > encryption unbreakable, as it is indistinguishable from a random sequence. > > Frederic > > ### > > def crypt (sequence, key): > import random > sign = (key > 0) * 2 - 1 > random.seed (abs (key * sign)) > s = '' > for i in xrange (len (sequence)): > r = random.randint (0, 255) > s += chr ((ord (sequence [i]) + r * sign) % 256) > return s
The mind boggles. You do realize that if I have two ciphertexts encrypted with the same key, I can subtract them? Then I have a sequence, that while not immediately readable, is just a straightforward combination of the two plaintexts without any encryption. This function is also vulnerable to a chosen-plaintext attack. The underlying PRNG is definitely not suitable for cryptographic applications. The documentation even says so! http://docs.python.org/lib/module-random.html "However, being completely deterministic, it is not suitable for all purposes, and is completely unsuitable for cryptographic purposes." Do yourself a favor and don't try to roll your own cryptographic functions. Do everyone else a favor and don't call something "unbreakable" unless you actually have the domain expertise to make that determination. And do read _Practical Cryptography_. -- Robert Kern [EMAIL PROTECTED] "In the fields of hell where the grass grows high Are the graves of dreams allowed to die." -- Richard Harter -- http://mail.python.org/mailman/listinfo/python-list
