ANN: obfuscate

[Steven D'Aprano]

I am pleased to announce the first public release of obfuscate 0.2.2a.

http://pypi.python.org/pypi/obfuscate/0.2.2a

obfuscate is a pure-Python module providing classical encryption
algorithms suitable for obfuscating and unobfuscating text.

obfuscate includes the following ciphers:
- Caesar, rot13, rot5, rot18, rot47
- atbash
- Playfair, Playfair6 and Playfair16
- Railfence (encryption only)
- Keyword
- Affine
- Vigenere
- frob (xor)

and others.

DISCLAIMER: obfuscate is not cryptographically strong, and should not be
used where high security is required. (The ciphers provided in obfuscate
may have been state of the art centuries ago, but should not be used
where strong encryption is required.

obfuscate is released under the MIT licence.

Requires Python 2.5 or 2.6.

 

[geremy condra]

I am pleased to announce the first public release of obfuscate 0.2.2a.

http://pypi.python.org/pypi/obfuscate/0.2.2a

obfuscate is a pure-Python module providing classical encryption
algorithms suitable for obfuscating and unobfuscating text.

obfuscate includes the following ciphers:
 - Caesar, rot13, rot5, rot18, rot47
 - atbash
 - Playfair, Playfair6 and Playfair16
 - Railfence (encryption only)
 - Keyword
 - Affine
 - Vigenere
 - frob (xor)

and others.

DISCLAIMER: obfuscate is not cryptographically strong, and should not be
used where high security is required. (The ciphers provided in obfuscate
may have been state of the art centuries ago, but should not be used
where strong encryption is required.

obfuscate is released under the MIT licence.

Requires Python 2.5 or 2.6.

Nice! Maybe someday you can extend it with a pen-and-paper
signature scheme

Geremy Condra

 

[Tim Chase]

obfuscate is a pure-Python module providing classical encryption
algorithms suitable for obfuscating and unobfuscating text.

obfuscate includes the following ciphers:
- Caesar, rot13, rot5, rot18, rot47
- atbash
- Playfair, Playfair6 and Playfair16
- Railfence (encryption only)
- Keyword
- Affine
- Vigenere
- frob (xor)

I prefer the strength of Triple ROT-13 for my obfuscation needs,
but I don't see it listed here. I guess I'll have to roll my own
despite the dire warnings against amateur cryptographers
authoring their own unvetted implementations. ;-)

-tkc

 

[Gregory Ewing]

I prefer the strength of Triple ROT-13 for my obfuscation needs, but I
don't see it listed here.

That's old hat -- with the advent of 3GHz cpus and GPGPU, all the
experts are recommending quadruple ROT-128 nowadays.

 

[Roy Smith]

I am pleased to announce the first public release of obfuscate 0.2.2a.

http://pypi.python.org/pypi/obfuscate/0.2.2a

obfuscate is a pure-Python module providing classical encryption
algorithms suitable for obfuscating and unobfuscating text.

obfuscate includes the following ciphers:
- Caesar, rot13, rot5, rot18, rot47
- atbash
- Playfair, Playfair6 and Playfair16
- Railfence (encryption only)
- Keyword
- Affine
- Vigenere
- frob (xor)

No pig latin?

 

[Daniel Fetchinson]

I am pleased to announce the first public release of obfuscate 0.2.2a.

http://pypi.python.org/pypi/obfuscate/0.2.2a

obfuscate is a pure-Python module providing classical encryption
algorithms suitable for obfuscating and unobfuscating text.

obfuscate includes the following ciphers:
- Caesar, rot13, rot5, rot18, rot47
- atbash
- Playfair, Playfair6 and Playfair16
- Railfence (encryption only)
- Keyword
- Affine
- Vigenere
- frob (xor)

and others.

DISCLAIMER: obfuscate is not cryptographically strong, and should not be
used where high security is required. (The ciphers provided in obfuscate
may have been state of the art centuries ago, but should not be used
where strong encryption is required.

obfuscate is released under the MIT licence.

Requires Python 2.5 or 2.6.

Great, these packages are badly needed!

If the code base stabilizes in a production version after losing the
alphas and betas they would be a great addition to the stdlib, I
think.

Cheers,
Daniel

 

[Robert Kern]

Great, these packages are badly needed!

If the code base stabilizes in a production version after losing the
alphas and betas they would be a great addition to the stdlib, I
think.

Why?

--
Robert Kern

"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco

 

[Aahz]

Why?

You missed the white-on-white smiley, I think.

 

[Simon Brunning]

Why?

I agree. Why wait? Put them in the stdlib now!

 

[David Robinow]

I agree. Why wait? Put them in the stdlib now!

Can we please stop this?

 

[Alf P. Steinbach]

* David Robinow:

Can we please stop this?

I agree.

I haven't looked at the code but the functionality that's listed is useful, e.g.
in a Usenet client, and it's fun to play around with for a beginner.

Also, for example, Christian Heimes wrote else-thread: «Your work should be
interesting for everybody who has read Simon Sing's "The Code Book: The Science
of Secrecy from Ancient Egypt to Quantum"» (and I for one have that book).


Cheers,

- Alf

 

[Stef Mientki]

* David Robinow:

I agree.

sorry I don't,
unless Python is only meant for the very well educated people in encryption.

I haven't looked at the code but the functionality that's listed is
useful, e.g. in a Usenet client, and it's fun to play around with for
a beginner.

I neither did look at the code,
but as a beginner with just 3 years of experience in Python,
I've tried several scrambling libs, for a quick and dirty use.
All were much too difficult, so I made my own xor-something.
Coming from Delphi, a scrambling lib is working is less than 10 minutes,
without the need of any knowledge of encryption.
I prefer Python over Delphi, but some things are made very complex in
Python.

cheers,
Stef

 

[rantingrick]

[..]

No pig latin?

Wait a minute guys, Stevens a well known prankster and comic relief
clown around here, I think he's just shining us all on! ;o)

 

[Gabriel Genellina]

sorry I don't,
unless Python is only meant for the very well educated people in
encryption.

I neither did look at the code,
but as a beginner with just 3 years of experience in Python,
I've tried several scrambling libs, for a quick and dirty use.
All were much too difficult, so I made my own xor-something.
Coming from Delphi, a scrambling lib is working is less than 10 minutes,
without the need of any knowledge of encryption.
I prefer Python over Delphi, but some things are made very complex in
Python.

Are you sure?
.... return ''.join(chr(ord(c)^key) for c in s)
....

txt = "Hello world!"
xor(txt, 123) '3\x1e\x17\x17\x14[\x0c\x14\t\x17\x1fZ'
xor(_, 123)

'Hello world!'

The Delphi code would be certainly longer than that, some variation of:

function encrypt_xor(const s: string; key: integer);
var
i: integer;
begin
SetLength(Result, length(s));
for i:=1 to length(s) do
begin
Result := chr(ord(s) xor key);
end;
end;

(untested)

 

[Steven D'Aprano]

sorry I don't,
unless Python is only meant for the very well educated people in
encryption.

All algorithms in obfuscate are obsolete, insecure and only interesting
for people *that* want to get well educated in the history of
encryption. [...]
Grab pycrypto, m2crypto or one of the other packages if you need a
minimum amount of security.

As the author of obfuscate, I would like to second Christian's statement.
obfuscate is NOT meant for serious security, as I state in both the
source code and the documentation to the module.

That's not to say that it can't be useful for some people -- I wouldn't
have spent the time writing it if I didn't think it was useful. But it is
useful for obfuscation, education and puzzles, not for secure encryption.

I'm not sure how serious the calls for this to be added to the standard
library are. If they're serious, I'm grateful for the votes of confidence
from people, but I can't imagine Guido saying yes. In any case, it's
premature to talk about adding it to the std library while it is still in
alpha.

Thank you for all the comments, even the tongue-in-cheek ones. This has
exceeded my wildest expectations! I'm always interested in feedback, good
and bad, either publicly or privately.

 

[Daniel Fetchinson]

All algorithms in obfuscate are obsolete, insecure and only

Not true. Another use case is suggested by the chosen name for the
library: to obfuscate text against casual human reading, while not
making it at all difficult to decrypt by people who are motivated to do
so.

The classic example is rot-13 encryption of text in internet messages;
it would be a failure of imagination to suggest there are not other,
similar use cases.

I fully agree. Judging by the posts on c.l.p the need for simple
obfuscation regularly comes up. I also posted something not so long
ago and got all sorts of useful advice, a package here, a module
there, etc. It also turned out that everybody mostly writes his/her
own obfuscation routine. That is why I suggested that perhaps if the
code base stabilizes an inclusion into the stdlib could be discussed.
I'm not sure it really needs to go there but if it turns out that as
many people need this kind of stuff as I imagine it, well, then we
have enough use cases for sure.

Agreed. However, for cases that *don't* need security from determined
attackers, I don't think those obviate the usefulness of this library.

Exactly.

Cheers,
Daniel

 

[Simon Brunning]

The classic example is rot-13 encryption of text in internet messages;
it would be a failure of imagination to suggest there are not other,
similar use cases.

That's built-in:
'Uryyb Jbeyq!'

 

[Tim Golden]

"Hello World!".encode('rot-13')

Not any more!

<dump>
Python 3.1.1 (r311:74483, Aug 17 2009,
win32
Type "help", "copyright", "credits" orTraceback (most recent call last):


</dump>

TJG

 

[Gregory Ewing]

A much, much stronger version of the
principles behind Vigenère was used in the German Enigma machine.
Because the algorithm was still not good enought some clever guy called
Turing and his team was able to crack the enigma.

Actually I gather it had a lot to do with the fact that
the Germans made some blunders in the way they used the
Enigma that seriously compromised its security. There
was reportedly a branch of the German forces that used
their Enigmas differently, avoiding those mistakes, and
the British never managed to crack any of their messages.

 

[Gregory Ewing]

It also turned out that everybody mostly writes his/her
own obfuscation routine.

Hey, it gives you the additional advantage of obfuscation
by obscurity!