[Zope] - Cryptography...

[Christopher G. Petrilli]

On Wed, Dec 30, 1998 at 03:53:59PM +0100, Magnus Lie Hetland wrote:
> 
> I don't know if you guys have seen Andrew K's page on Cryptographic
> Curiosities... But it shouldn't be too hard to include for instance the
> RSA algorithm in Zope, when it can be expressed in four lines of Python:
> 
> #!/usr/local/bin/python 
> from sys import*;from string import*;a=argv;[s,p,q]=filter(lambda x:x[:1]!=
> '-',a);d='-d'in a;e,n=atol(p,16),atol(q,16);l=(len(q)+1)/2;o,inb=l-d,l-1+d
> while s:s=stdin.read(inb);s and map(stdout.write,map(lambda i,b=pow(reduce(
> lambda x,y:(x<<8L)+y,map(ord,s)),e,n):chr(b>>8*i&255),range(o-1,-1,-1)))

Just because you can doesn't mean you should :-) I played with this at
one point (and some other things I implemented in Python for "research")
and it was all SEVERAL orders of magnitude slower than RSA's BSAFE
package... to the point of unusability for any real work. 

> (And just out of curiosity: Is it a crime to view this web page outside
> the US? ;)

Yes, and technically it's against the law for this message to enter the
US and then exit it... I deal with ITAR on nearly a daily basis, as my
company is a relatively big player in the crypto world...  It's not
pretty ,and I don't recommend getting involved if you can avoid it.  I
don't think privacy is as much a concern as authentication, and MD5 is
fully exportable, as is DSA (which is better)....  It's not always
necessary to insure ALL aspects of security.

Chris
-- 
| Christopher Petrilli
| petrilli@amber.org