<br><br><div class="gmail_quote">On Sun, Nov 15, 2009 at 4:39 PM, Dwayne C. Litzenberger <span dir="ltr"><<a href="mailto:dlitz@dlitz.net">dlitz@dlitz.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">On Sat, Nov 14, 2009 at 05:39:40PM +0800, rusydi hasan wrote:<br>
</div><div class="im">>Hi Dwayne,<br>
><br>
>First of all, let me introduce myself. Im rusydi, an undergaduate computer<br>
>science in malaysia.<br>
<br>
</div>Hi there!<br>
<div class="im"><br>
>I have necessary background in cryptography, specifically block cipher, and<br>
>C programming. Im interested to become a contributor in the next release of<br>
>pycrypto (i read that you need the contributor outside US and Canada and not<br>
>the US/Canada Passport holder), especially in the implementation of some<br>
>block ciphers. But i have few things that i need to ask to you<br>
<br>
</div>That's great! One correction: I only ask that contributors be non-US<br>
citizens/residents. Canada is fine; I'm Canadian. :)<br></blockquote><div><br>Got it :) !<br> <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
> 1. In TODO list i saw that pycrypto is gonna implement Camellia. AFAIK,<br>
<div class="im">> camellia is a patented block cipher by Mitsubishi Electric Corporation and<br>
> Nippon Telegraph and Telephone Corporation (NTT), Japan. I attached the<br>
> intellectual property statement, submitted to NESSIE submission<br>
<br>
</div>Yes, but there is also this:<br>
<br>
Announcement of Royalty-free Licenses for Essential Patents<br>
of NTT Encryption and Digital Signature Algorithms<br>
<br>
<a href="http://www.ntt.co.jp/news/news01e/0104/010417.html" target="_blank">http://www.ntt.co.jp/news/news01e/0104/010417.html</a><br>
<br>
See also the list at:<br>
<br>
<a href="http://en.wikipedia.org/wiki/NESSIE" target="_blank">http://en.wikipedia.org/wiki/NESSIE</a><br></blockquote><div><br>Thanks for the link. <br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
> 2. Is it necessary to implement some Light-Weight Block Cipher in<br>
<div class="im">> pycrypto ? (such as DESL, TEA, KATAN, SEA, etc) because im planning to<br>
> submit some of these light-weight block cipher for the pycrypto.<br>
<br>
</div>I've never heard of any of these ciphers except for TEA, and TEA is<br>
vulnerable to a practical related-key attack.<br></blockquote><div> </div><div>Its the family of lightweight block cipher, designed for small-scaled system and ubiquitous devices (RFID, etc) .<br>You can check this link :<br>
<br><a href="http://www.ecrypt.eu.org/lightweight/index.php/Block_ciphers">http://www.ecrypt.eu.org/lightweight/index.php/Block_ciphers</a><br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
I am reluctant to add any more 64-bit block ciphers, since you can expect<br>
block collisions after only 2**32 blocks (32 GiB of data) in some modes,<br>
and they're tricky to use in CTR mode with long-term keys (again, because<br>
the collision probability is too high).<br>
<br>
I am also very reluctant to add any variants of DES, since pretty much<br>
every variant of DES has been weaker than DES itself.<br>
<br>
I don't want to maintain additional ciphers in my tree unless they are<br>
mature and offer significant advantages over what PyCrypto already has.<br>
I'm even hesitant to add Camellia---The only reason I'm considering it is<br>
that PyCrypto only has one 128-bit block cipher right now (AES), and<br>
because the proposed candidate, Camellia, made it through the NESSIE<br>
competition. Even then, I don't consider it a priority, and PyCrypto 2.1<br>
will be released without it.<br></blockquote><div><br>Well, i ll still try to work on Camellia.<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
I'm much more interested in making the crypto we already have less<br>
error-prone to use. For example, we need a PKCS#1 v2.1 implementation, a<br>
*complete* DSA implementation, improved RSA key generation, improved<br>
primality testing, more test cases, a Diffie-Hellman implementation, a<br>
reworking of the Crypto.PublicKey API, and a thorough de-linting of the C<br>
code.<br>
<br>
That said, some people might find your code to be useful, even if it<br>
doesn't get included in PyCrypto, so feel free to post it to the mailing<br>
list. :-)<br>
<br>
> 3. How to submit the source code ? since i could not clone the git<br>
<div class="im">> repository (the port is blocked from my campus network). And i dont have<br>
> adequate background in open-source software development.<br>
<br>
</div><rant><br>
Your campus network support people need to stop interfering with the<br>
end-to-end operation of the Internet Protocol, and to actually start doing<br>
their job, which is to support you, rather than shifting that burden onto<br>
me.<br>
</rant><br>
<br>
You should be able to clone from<br>
<br>
<a href="http://git.pycrypto.org/crypto/pycrypto-2.x.git" target="_blank">http://git.pycrypto.org/crypto/pycrypto-2.x.git</a><br>
<br>
As for submitting source code, you should publish your changes somewhere,<br>
such as by doing one of the following things:<br>
<br>
- Post your patches to the mailing list using "git send-email".<br>
- Generate a series of patches using "git format-patch" and send them to<br>
the mailing list yourself.<br>
- Create a git repository somewhere and announce it on the mailing list.<br>
<br>
Thanks!<br>
<br>
- Dwayne<br>
<div class="im"><br>
--<br>
Dwayne C. Litzenberger <<a href="mailto:dlitz@dlitz.net">dlitz@dlitz.net</a>><br>
Key-signing key - 19E1 1FE8 B3CF F273 ED17 4A24 928C EC13 39C2 5CF7<br>
Annual key (2009) - C805 1746 397B 0202 2758 2821 58E0 894B 81D2 582E<br>
</div>_______________________________________________<br>
pycrypto mailing list<br>
<a href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a><br>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto" target="_blank">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a><br>
</blockquote></div><br><br>Thanks alot !<br><br>-- <br>Rusydi Hasan Makarim (0721051)<br>Department of Computer Science<br>International Islamic University Malaysia<br>Gombak, Selangor<br><br>