On 2015-06-26, Johannes Bauer <dfnsonfsdu...@gmx.de> wrote: > On 26.06.2015 23:29, Jon Ribbens wrote: >>> While you seem to think that Steven is rampaging about nothing, he does >>> have a fair point: You consistently were vague about wheter you want to >>> have encryption, authentication or obfuscation of data. This suggests >>> that you may not be so sure yourself what it is you actually want. >> >> He hasn't been vague, you and Steven just haven't been paying >> attention. > > Bullshit. Even the topic indicates that he doesn't know what he wants: > "data mangling" or "encryption", which one is it?
He wants data mangling and he was asking whether he needed encryption to achieve it. The answer is no, he doesn't. > I could go into detail about how the assumtion that the ciphertext is > secret is not a smart one in the context of cryptography. But, and I've already pointed this out and you don't seem to have quite got the picture yet, we're not in the context of cryptography. > And how side channels and other leakage may affect overall system > security. But I'm going to save my time on that. I do get paid to > review cryptographic systems and part of the job is dealing with > belligerent people who have read Schneier's blog and think they can > outsmart anyone else. You seem to be describing your own attitude to a tee. > Since I don't get paid to convice you, it's absolutely fine that you > think your substitution scheme is the grand prize. "My" scheme? It wasn't my suggestion. > So the topic says "Encrypting". If you look really closely at the word, > the part "crypt" might give away to you that cryptography is involved. If you were to actually read past the subject line and continue on to read the text of the articles, you would discover that cryptography is not involved. No wonder you're confused if you're disengaging your brain the instant you get past the subject line. >> He's just trying to avoid letting third parties write completely >> arbitrary data to the disk. > > There's your requirement. "My" requirement? >> You know what would be a perfectly good solution to his problem? >> Base 64 encoding. That would solve the issue pretty much >> completely, the only reason it's not an ideal solution is that it >> of course increases the size of the data. > > ...wow. > > That's a nice interpretation of not letting a third party write > completely arbitrary data. It's an accurate interpretation. Something that seems not to be your forte. > According to your definition, this would be: It's okay if the > attacker can control 6 of 8 bits. Yes, it probably is ok. Add a bit of random gunk at the top and tail of the file and it's almost certainly ok. Why do you think it's not? > Oh I understand your "solutions" plenty well. Evidently not. > The only thing I don't understand is why you don't own a Fields > medal yet for your groundbreaking work on bulletproof obfuscation. That is clearly a very long way from the only thing you don't understand. -- https://mail.python.org/mailman/listinfo/python-list
