Author Topic: Cryptography Implementation Discussion (Read 16027 times)

Lugnut · November 12, 2013, 07:49:55 PM

We can get 384-bit (NSA standard, you probably won't be brute forcing it any time soon) elliptic curves to run, I have almost absolute confidence about that. The question is how long it will take to generate and process them.

Sending it to a remote server instantly removes
A: security, the remote server could be compromised
B: the 'yes we got it working in torquescript' factor

Ad Bot · Advertisement

Greek2me · November 12, 2013, 07:53:20 PM

Speed shouldn't be too much of an issue, as I can't see this being used for chat or anything. Its main use would be authentication.

Lugnut · November 12, 2013, 07:56:19 PM

If we can generate the things on our own time, we'll only have to exchange a seed for ports rng. From there we can make a stuffload of random numbers that the other person can also generate. From there we can do a one time pad, which would be as computationally easy as string replacement.

Lugnut · November 12, 2013, 07:59:03 PM

Actually, someone get diffie hellman working real quick with the math libraries we've already got so we can get a sort of proof of concept for secure conversations.

From there we just substitute different cryptosystems and it should be that easy

Ipquarx · November 12, 2013, 08:04:35 PM

Quote from: Lugnut on November 12, 2013, 07:59:03 PM

Actually, someone get diffie hellman working real quick with the math libraries we've already got so we can get a sort of proof of concept for secure conversations.

From there we just substitute different cryptosystems and it should be that easy

This would be nice, yes. If someone could do me the favor of implementing the modular exponentiation, that's really all you need.

Lugnut · November 12, 2013, 08:05:35 PM

We also need modulus

Ipquarx · November 12, 2013, 08:08:21 PM

Quote from: Lugnut on November 12, 2013, 08:05:35 PM

We also need modulus

Just use Math_Subtract(%num1, Math_Multiply(%num2, Math_DivideFloor(%num1, %num2))); for mod for now, unless someone else has a better method.

I'm not 100% on how well it'll work, but it should do fine.

Lugnut · November 12, 2013, 08:20:52 PM

I'm having difficulty pushing to the repo from my tablet, but I've got the example from the diffie hellman key exchange Wikipedia page tossed into a script

Someone needs to give it a random number picker for the private numbers and the shared public numbers. I'll throw in a primality test too

Okay I lied, it's actually a psuedocode primality test. I'm not really in a position to read the library to know if you've got all the things needed (modulous, square root of a number), so you guys get fake code. sorry :(

Pushed it, somebody pull it and run it as is, tell me if it works properly according to this http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

$trinick · November 12, 2013, 08:53:18 PM

The generation and processing is my point-- to generate encryption at a satisfactory speed you'd have to dumb down the encryption. I don't see why you're opposed to offloading heavy processing from Blockland, I've been doing it for ages with things like AI.

Lugnut · November 12, 2013, 09:01:34 PM

Ai is not cryptography, cryptography is secret numbers. They wouldn't be secret if we told someone else what they were, would they?

Now, maybe we could offload stuff to a python script running locally, but that has no wow factor, and it's not entirely contained in one add-on.

Ipquarx · November 12, 2013, 09:14:32 PM

Someone could always make a web server to do the more expensive operations.
You'd send the specific operations to do via POST data and it would give back the result.
Side-channel attacks would not be possible because all number generation would be done on the client side.

Though I don't see the problem in doing it on the client side. 384 bits is only 115 digits, and multiplying said numbers only takes ~50ms.

Lugnut · November 12, 2013, 09:22:30 PM

Here's an ecc implementation in python, which isn't useful presently as we're working with DH, but anyway...

https://github.com/amintos/PyECC

Greek2me · November 12, 2013, 09:35:11 PM

I'll try to knock out the modulus function tonight.

Ipquarx · November 12, 2013, 09:37:46 PM

Actually, how about we use ECC DH instead of regular? Because as said before, ECC numbers are much easier to deal with than the regular version.

Lugnut · November 12, 2013, 09:38:07 PM

Now, rsa with its exponentiation ... that wouldn't work.

Check out the exp function. Can we do this with minimal arbitrary precision arithmetic for speed? https://github.com/amintos/PyECC/blob/master/ecc/primes.py

def exp(x, n, m):
   '''Efficiently compute x ** n mod m'''
   y = 1
   z = x
   while n > 0:
   if n & 1:
   y = (y * z) % m
   z = (z * z) % m
   n //= 2
   return y

Resource: http://docs.python.org/2/library/operator.html#mapping-operators-to-functions