On Wed, Dec 30, 1998 at 03:53:59PM +0100, Magnus Lie Hetland wrote:
I don't know if you guys have seen Andrew K's page on Cryptographic Curiosities... But it shouldn't be too hard to include for instance the RSA algorithm in Zope, when it can be expressed in four lines of Python:
#!/usr/local/bin/python from sys import*;from string import*;a=argv;[s,p,q]=filter(lambda x:x[:1]!= '-',a);d='-d'in a;e,n=atol(p,16),atol(q,16);l=(len(q)+1)/2;o,inb=l-d,l-1+d while s:s=stdin.read(inb);s and map(stdout.write,map(lambda i,b=pow(reduce( lambda x,y:(x<<8L)+y,map(ord,s)),e,n):chr(b>>8*i&255),range(o-1,-1,-1)))
Just because you can doesn't mean you should :-) I played with this at one point (and some other things I implemented in Python for "research") and it was all SEVERAL orders of magnitude slower than RSA's BSAFE package... to the point of unusability for any real work.
(And just out of curiosity: Is it a crime to view this web page outside the US? ;)
Yes, and technically it's against the law for this message to enter the US and then exit it... I deal with ITAR on nearly a daily basis, as my company is a relatively big player in the crypto world... It's not pretty ,and I don't recommend getting involved if you can avoid it. I don't think privacy is as much a concern as authentication, and MD5 is fully exportable, as is DSA (which is better).... It's not always necessary to insure ALL aspects of security. Chris -- | Christopher Petrilli | petrilli@amber.org