AltME groups: search

I have the SDK (full encryption strength) and I've been playing with 
the rijndael encryption algorithm. I cut and pasted the code below 
from http://www.rebol.com/how-to/encrypt.htmland it produces 256 
as the port strength despite the strength being stated as 512. Is 
it 256 or 512? The web page says Rebol can provide 512 with rijndael. 
Can it?

port: open [
    scheme: 'crypt
    direction: 'encrypt
    key: akey
    strength: 512
    algorithm: 'rijndael
    padding: true
]
print port/strength


When I switch the algorithm to blowfish I get the expected 512 port 
strength. Is blowfish actually 512?

I need to know what level of encryption I am working with. TIA.

That makes sense. The strength: 512 in the code misled me to believe 
it should be possible.


The blowfish algorithm works fine, but I presume it actually uses 
a key of 448 bits and not 512. https://en.wikipedia.org/wiki/Blowfish_%28cipher%29. 
In which case the value returned by the print port/strength is deceptively 
wrong when I test it with blowfish? Or am I missing something?

The final paragraph of the section titled the algorithm in the wikipedia 
enttyr for Blowfish explains that it is possible to implekment the 
algorithm with keys of up to 576 bits long but not advised by the 
author of the algorithm. Though when I was using REBOL for some testing, 
I set the strength to 448. 


I would have thought that AES 256 would suffice for for most purposes 
needing symmetrical encryption

Thanks BrianH. I am aware of the need to "keep your untrustworthy 
data that you can't safely DO separate from that code."


I am creating a small Rebol server capable of communicating with 
clients, using RSA key exchange and the blowfish algorithm, both 
of which work to reasonably high encryption levels in Rebol, 4096 
for RSA and 512 for Blowfish (yes I know the effective upper limit 
for Blowfish is 448 bits, but that is good enough for my purposes).


I want to save the RSA key as a block so it can be loaded back into 
the program and used again, hence my question. It will be encrypted, 
wherever it gets saved, so there will be no chance of it being messed 
with.


Actually, I am writing a much simpler version of Rebol Services, 
since I could not get that to work and my ability to code in Rebol 
was not sufficiently developed yet to see how to get it working.


I am in a steep learning curve right now with Rebol and the time 
I am investing is starting to pay off. Thanks for the information 
about keeping code and data separate. It's always good to be reminded 
of 'obvious' truths.

When R3 was open sourced, I presume the SDK was not also open sourced? 
I am looking for the 'C' source code for the RSA, AES and Blowfish 
encryption functions.

To find source codes, you will need to search with google or so. 
"blowfish source code c" first result looks promising http://www.schneier.com/blowfish-download.html

Encloak  -- http://www.rebol.net/cookbook/recipes/0023.html-- Carl 
says


Newer versions of REBOL include "cloaking" functions for encrypting 
and decrypting strings. These functions do not provide full strength 
encryption such as Blowfish, AES, or RSA as found in REBOL/Command, 
nevertheless they can be useful for hiding passwords and other values. 
(That's why we call it cloaking rather than encrypting.)

http://user1.matsumoto.ne.jp/~goma/js/blowfish.html

i f i find some time, i will implement the blowfish algorithm a lot 
pmore complex than arc4, can be a good test.

That was a very funny pun on Blowfish :)

If I remember correctly, I was also able to exchange test data that 
was Blowfish encrypted with REBOL but I handled the padding myself:

plain: to binary! text
  
len: remainder length? plain 8

  if 0 < len [

    padding: 8 - len

    insert/dup tail plain to char! padding padding
 
  ]