summaryrefslogtreecommitdiff
path: root/pipermail/pycrypto/attachments/20120412/91c526c7/attachment.html
diff options
context:
space:
mode:
Diffstat (limited to 'pipermail/pycrypto/attachments/20120412/91c526c7/attachment.html')
-rw-r--r--pipermail/pycrypto/attachments/20120412/91c526c7/attachment.html41
1 files changed, 41 insertions, 0 deletions
diff --git a/pipermail/pycrypto/attachments/20120412/91c526c7/attachment.html b/pipermail/pycrypto/attachments/20120412/91c526c7/attachment.html
new file mode 100644
index 0000000..ae9d20e
--- /dev/null
+++ b/pipermail/pycrypto/attachments/20120412/91c526c7/attachment.html
@@ -0,0 +1,41 @@
+<tt>
+&lt;span&nbsp;class=&quot;gD&quot;&gt;Legrandin&nbsp;thank&nbsp;you&nbsp;for&nbsp;your&nbsp;help.&lt;br&gt;When&nbsp;i&nbsp;have&nbsp;time&nbsp;i&nbsp;will&nbsp;put&nbsp;something&nbsp;on&nbsp;pastebin&nbsp;so&nbsp;it&nbsp;can&nbsp;serve&nbsp;as&nbsp;example&nbsp;for&nbsp;future&nbsp;members&nbsp;that&nbsp;require&nbsp;this&nbsp;type&nbsp;of&nbsp;solution&nbsp;:)&lt;br&gt;&lt;br&gt;Regards&lt;br&gt;A/T&lt;br&gt;&lt;/span&gt;&lt;br&gt;<br>
+&lt;div&nbsp;class=&quot;gmail_quote&quot;&gt;2012/4/11&nbsp;Legrandin&nbsp;&lt;span&nbsp;dir=&quot;ltr&quot;&gt;&lt;&lt;a&nbsp;href=&quot;mailto:gooksankoo@hoiptorrow.mailexpire.com&quot;&gt;gooksankoo@hoiptorrow.mailexpire.com&lt;/a&gt;&gt;&lt;/span&gt;&lt;br&gt;&lt;blockquote&nbsp;class=&quot;gmail_quote&quot;&nbsp;style=&quot;margin:0pt&nbsp;0pt&nbsp;0pt&nbsp;0.8ex;border-left:1px&nbsp;solid&nbsp;rgb(204,204,204);padding-left:1ex&quot;&gt;<br>
+&lt;div&nbsp;class=&quot;im&quot;&gt;&gt;&nbsp;So&nbsp;after&nbsp;a&nbsp;small&nbsp;search&nbsp;i&nbsp;found&nbsp;out&nbsp;that&nbsp;if&nbsp;i&nbsp;increase&nbsp;the&nbsp;RSA&nbsp;Modulus&nbsp;i&#39;m&lt;br&gt;<br>
+&gt;&nbsp;able&nbsp;to&nbsp;encrypt&nbsp;larger&nbsp;number&nbsp;of&nbsp;bits&nbsp;(&nbsp;makes&nbsp;sense&nbsp;) &nbsp;but&nbsp;this&nbsp;feels&nbsp;dirty.&lt;br&gt;<br>
+&gt;&lt;br&gt;<br>
+&gt;&nbsp;What&nbsp;do&nbsp;your&nbsp;guys&nbsp;recommend&nbsp;?&lt;br&gt;<br>
+&gt;&lt;br&gt;<br>
+&gt;&nbsp;Breaking&nbsp;the&nbsp;data&nbsp;in&nbsp;chunks&nbsp;and&nbsp;encrypting&nbsp;part&nbsp;by&nbsp;part&nbsp;joining&nbsp;it&nbsp;all&nbsp;in&nbsp;a&lt;br&gt;<br>
+&gt;&nbsp;buffer&nbsp;and&nbsp;send&nbsp;it&nbsp;down&nbsp;the&nbsp;socket&nbsp;all&nbsp;in&nbsp;one&nbsp;with&nbsp;the&nbsp;other&nbsp;server&lt;br&gt;<br>
+&gt;&nbsp;decrypting&nbsp;part&nbsp;by&nbsp;part&nbsp;and&nbsp;merging&nbsp;the&nbsp;data&nbsp;again&nbsp;?&lt;br&gt;<br>
+&gt;&lt;br&gt;<br>
+&gt;&nbsp;P.S&nbsp;-&nbsp;I&nbsp;dont&nbsp;mind&nbsp;fishing&nbsp;by&nbsp;myself&nbsp;just&nbsp;trying&nbsp;to&nbsp;understand&nbsp;the&nbsp;best&nbsp;&quot;way&lt;br&gt;<br>
+&gt;&nbsp;/&nbsp;more&nbsp;correct&nbsp;way&nbsp;&quot;&nbsp;to&nbsp;do&nbsp;it&nbsp;:)&lt;br&gt;<br>
+&lt;br&gt;<br>
+&lt;/div&gt;Hi&nbsp;Antonio,&lt;br&gt;<br>
+&lt;br&gt;<br>
+Increasing&nbsp;the&nbsp;RSA&nbsp;key&nbsp;length&nbsp;is&nbsp;not&nbsp;&quot;dirty&quot;:&nbsp;it&nbsp;simply&nbsp;increases&lt;br&gt;<br>
+security&nbsp;(and&nbsp;incidentally&nbsp;useful&nbsp;payload&nbsp;size)&nbsp;at&nbsp;the&nbsp;expense&nbsp;of&lt;br&gt;<br>
+decryption&nbsp;speed.&lt;br&gt;<br>
+If&nbsp;decryption&nbsp;speed&nbsp;is&nbsp;not&nbsp;that&nbsp;important&nbsp;to&nbsp;you,&nbsp;and&nbsp;you&nbsp;have&nbsp;a&nbsp;clear&lt;br&gt;<br>
+idea&nbsp;on&nbsp;how&nbsp;long&nbsp;you&nbsp;data&nbsp;can&nbsp;be&nbsp;at&nbsp;most,&nbsp;go&nbsp;ahead&nbsp;and&nbsp;increase&nbsp;the&lt;br&gt;<br>
+key&nbsp;size.&nbsp;The&nbsp;time&nbsp;you&nbsp;gain&nbsp;by&nbsp;taking&nbsp;this&nbsp;approach&nbsp;can&nbsp;be&nbsp;spent&nbsp;on&lt;br&gt;<br>
+important&nbsp;tasks&nbsp;like&nbsp;making&nbsp;the&nbsp;private&nbsp;key&nbsp;secure,&nbsp;or&nbsp;adding&nbsp;some&lt;br&gt;<br>
+form&nbsp;of&nbsp;authentication&nbsp;to&nbsp;your&nbsp;protocol.&lt;br&gt;<br>
+&lt;br&gt;<br>
+The&nbsp;&quot;proper&quot;&nbsp;way&nbsp;to&nbsp;do&nbsp;encryption&nbsp;would&nbsp;be&nbsp;to&nbsp;create&nbsp;a&nbsp;random&nbsp;AES&lt;br&gt;<br>
+session&nbsp;key&nbsp;(16&nbsp;bytes),&nbsp;encrypt&nbsp;it&nbsp;with&nbsp;RSA&nbsp;(hopefully&nbsp;at&nbsp;least&nbsp;2048&lt;br&gt;<br>
+bit&nbsp;long),&nbsp;send&nbsp;it,&nbsp;pad&nbsp;the&nbsp;data,&nbsp;encrypt&nbsp;it&nbsp;with&nbsp;AES,&nbsp;send&nbsp;it.&lt;br&gt;<br>
+Additionally,&nbsp;you&nbsp;should&nbsp;also&nbsp;sign&nbsp;the&nbsp;data&nbsp;and&nbsp;send&nbsp;the&nbsp;signature&lt;br&gt;<br>
+along.&lt;br&gt;<br>
+&lt;br&gt;<br>
+At&nbsp;the&nbsp;receiving&nbsp;end,&nbsp;you&nbsp;decrypt&nbsp;the&nbsp;session&nbsp;key&nbsp;with&nbsp;RSA,&nbsp;decrypt&lt;br&gt;<br>
+the&nbsp;data&nbsp;with&nbsp;AES,&nbsp;unpad&nbsp;the&nbsp;data,&nbsp;and&nbsp;verify&nbsp;its&nbsp;signature.&lt;br&gt;<br>
+_______________________________________________&lt;br&gt;<br>
+pycrypto&nbsp;mailing&nbsp;list&lt;br&gt;<br>
+&lt;a&nbsp;href=&quot;mailto:pycrypto@lists.dlitz.net&quot;&gt;pycrypto@lists.dlitz.net&lt;/a&gt;&lt;br&gt;<br>
+&lt;a&nbsp;href=&quot;http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto&quot;&nbsp;target=&quot;_blank&quot;&gt;http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto&lt;/a&gt;&lt;br&gt;<br>
+&lt;/blockquote&gt;&lt;/div&gt;&lt;br&gt;<br>
+
+</tt>
View Lorry Controller Status