[PATCH] Add xorpipe utility

Ed W lists at wildgooses.com
Mon Sep 24 18:52:24 UTC 2012


On 13/09/2012 10:26, Michael Conrad wrote:
> On 9/12/2012 10:42 PM, jody at jodybruchon.com wrote:
>> My rationale behind writing this simple utility is as follows: Moving 
>> data
>> through a fully encrypted tunnel like SSH is too slow for me, so I use
>> netcat/socat for moving large chunks of data between systems. I don't 
>> want the
>> data to be easily identified and reproduced if it is somehow 
>> intercepted, though
>> it's also not a major problem if someone goes through the trouble of 
>> decrypting
>> it; thus, simple XOR encryption is good enough for my purposes and is 
>> also
>> extremely fast. I'm sure someone else will find it useful, and given its
>> minuscule size, it is of negligible cost to include.
>
> I apologize for further sidetracking the conversation, but if I were 
> going to write a quick-n-dirty encryption tool I would pick a 32-bit 
> int and then XOR with a pseudo-random sequence generated from it. That 
> would at least give the attacker a mental challenge (unless they knew 
> the first 4 bytes of the data...)  Maybe also add a salt parameter?
>
>   while (more_data) {
>     data[i]= data[i] ^ key ^ salt;
>     key= key * a + c;
>   }
> (http://en.wikipedia.org/wiki/Linear_congruential_generator)
>
> Integer multiplication is pretty cheap on most hardware.
>
> -Mike

I believe this is called an "affine cipher" and is easily broken?


If the only goal is to get past sniffers looking for data which matches 
some regexp, then I should think that piping through an LZO compressor 
was usually effective and likely to speedup the transfer except in the 
case of very fast networks and slow processors?

One of the fastest "proper" encryption algorithms that I'm aware of that 
also is well into the "still believed secure"  category would be salsa20 
(I'm no cryptanalysist, but it looks good to my eye). You can get fast 
implementations here:
     http://nacl.cr.yp.to/index.html

You can get an implementation of something interesting using 
salsa20/poly1305/curve25519 through "curvetun"

I'm not sure I see the benefit of xorpipe being a utility vs a simple 
standalone binary (especially given how simple such a standalone binary 
would be?

Good luck!

Ed W


More information about the busybox mailing list