Peer review: Python encyphering script
netzapper at magicstar.net
Thu Feb 28 07:30:15 CET 2002
On Thu, 28 Feb 2002 04:46:31 GMT, QnickQm at alum.mit.edu (Nick
>First of all, this cipher is a bit suspicious. It has the undesirable
>property that the frequency counts of the characters in the ciphertext
>are the same as in the plaintext. That is to say, if I know you're
>sending either "attack at dawn" or "run for your lives", it's easy for
>me to tell which one you sent.
Yeah. I've designed dozens of ciphers before, all of which fail
horribly the second I think about frequency analysis. On the other
hand, I've never tried actual encryption... I don't quite grok modular
mathematics yet enough to do anything but monkey-see-monkey-do copies
of other opensource ciphers.
>Secondly, this cipher doesn't buy you a lot: The key is as long as the
>plaintext. If you have a secure place to store the key, you would
>presumably use that place to store the plaintext as well.
This is one of the things I noticed as I played with it (not that I
didn't know it before I started, but it seemed to matter less at the
>Third, the scrambling step is more crucial than you think. Without
>scrambling, if I see the key-portion of a message, I'll have a pretty
>good idea which parts of the message go where: indices for low letters
>earlier than indices for high ones. But with scrambling, the quality
>of your cipher is limited by the power of your random number
I figured as much. But, I don't know enough Python yet to want to
play with the offsets randomly, ya' know?
>For a deeper introduction to cryptography, you may want to get a copy
>of Schneier's _Applied Cryptography_, or read the FAQs from sci.crypt.
>Well, I hope this that didn't dampen your entusiasm for Python!
>You're off to a good start (esp. for two days!), and I hope we'll hear
>more of you in the future!
Good Lord, no, it didn't dampen my enthusiasm. Hell, it only
heightens it knowing that there're people in this community who're
willing to take a look at a total newbie's code and then spend the
time not only commenting but actually *re-writing* it. Thank you.
Posted Via Binaries.net = SPEED+RETENTION+COMPLETION = http://www.binaries.net
More information about the Python-list