[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Chicken-users] Cryptographic eggs

From: Alaric Snell-Pym
Subject: Re: [Chicken-users] Cryptographic eggs
Date: Sun, 8 Feb 2009 20:00:55 +0000

On 7 Feb 2009, at 2:13 am, Alaric Snell-Pym wrote:

But, first, I'm going to go and add encryption support to Ugarit, the
goal of this egg-writing arc!


In the process, I also made a new release of crypto-tools, that
handled CBC with an embedded IV. As in, you provide an IV when
encrypting, and it prepends an encrypted copy of this to the output,
then the decrypt operation doesn't require an IV since it can decrypt
it from the cyphertext. The idea being that when encrypting you obtain
IVs from some random source, rather than needing the decryptor to know
them in advance. This is a fairly secure way of encrypting lots of
messages with the same key, while going some way to obstructing chosen-
plaintext attacks and the like.

Ugarit, when you request AES encryption, will now happily use the
embedded-IV CBC mode, pseudorandomly generating IVs by repeated
application of the tiger hash function to the previous IV and the
compressed blocks being uploaded; sadly, the likes of /dev/random
wouldn't generate nearly enough entropy fast enough.

For my next trick, I shall implement either SFTP or Amazon S3 as a
storage backend. I looked at duplicity, the backup system that made me
get off my arse and write ugarit, and to my horror its SFTP backend
consisted of shelling out to ssh or sftp for every operation - and
ugarit will often send lots of small objects, so that wouldn't do.

However, the actual SFTP protocol looks easy - you pretty much just
open an ssh connection by popen-ing ssh, then talking a simple
protocol over the pipe:

The protocol supports all sorts of advanced stuff like remote access
to ACLs; what I propose is that I produce an sftp-client egg that
implements as much of the protocol as Ugarit needs, and then I can add
other features on demand if people want them (or perhaps one day learn
tinyclos and add a sftp driver for the vfs egg).

For S3, I'll need to implement the S3 protocol, which is mainly HTTP
PUTs and GETs with special HTTP request headers for authenticating the
requests. For some reason that daunts me (in my experience, it's often
a pain getting the hashing *just right*), but I'm sure I'll get there.

But - what shall I do first? Which would people find most useful? SFTP
will let you run backups to anywhere you can SSH to, while S3 will let
you only run backups to S3 - but S3 is a nice cheap place to put
backups. Personally I need S3 most for my backup requirements, but I
want to support both.

VOTE! :-)


Alaric Snell-Pym

reply via email to

[Prev in Thread] Current Thread [Next in Thread]