Still Attempting For Good End-To-End Encryption For Gmail (it’s taking time tho)

Don’t trust web based secure email, one cannot verify if the delivery of a web page has been modified or not given today’s tools. A powerful adversary could MITM an HTTPS connection with a valid, signed CA cert and there are no tools today which can provably validate that the integrity of a web page has not been modified since it left the server and entered your browser. I’m trying to work on a client based solution compatible with Gmail but it’s taking me time, I keep getting distracted by other things going on. Anyway, here’s a random post in case I need a fast stream cipher similar to ARC4 but with better security.

ChaCha Python

import hashlib
class chacha:
	def p(self, a, i):
		return ((ord(a[i]) << 24) + (ord(a[i+1]) << 16) + (ord(a[i+2]) << 8) + ord(a[i+3]))
	def r(self, a, n):
		return ((a << n) & 0xffffffff) | (a >> (32 - n))
	def z(self, a, b):
		return ((a + b) & 0xffffffff)
	def u(self, m, x, k, y):
		c = ""
		for i in range(0, 4):
			c += chr(ord(m[x+i]) ^ ((k[y] >> (i*8)) & 0xff))
		return c
	def __init__(self, k, r=20):
		self.pt = [0x61707865, 0x3120646e, 0x79622d36, 0x6b206574]
		self.ps = [0x61707865, 0x3320646e, 0x79622d32, 0x6b206574]
		self.rs = r
		l = len(k)
		if (l == 16):
			self.skey = [
				self.pt[0], self.pt[1], self.pt[2], self.pt[3],
				self.p(k, 0), self.p(k, 4), self.p(k, 8), self.p(k, 12),
				self.p(k, 0), self.p(k, 4), self.p(k, 8), self.p(k, 12),
				0x0, 0x0, 0x0, 0x0
			]
		if (l == 32):
			self.skey = [
				self.ps[0], self.ps[1], self.ps[2], self.ps[3],
				self.p(k,  0), self.p(k,  4), self.p(k,  8), self.p(k, 12),
				self.p(k, 16), self.p(k, 20), self.p(k, 24), self.p(k, 28),
				0x0, 0x0, 0x0, 0x0
			]
	def qrrd(self, x, a, b, c, d):
		x[a] = self.z(x[a], x[b]); x[d] = (x[d] ^ x[a]); x[d] = self.r(x[d], 16)
		x[c] = self.z(x[c], x[d]); x[b] = (x[b] ^ x[c]); x[b] = self.r(x[b], 12)
		x[a] = self.z(x[a], x[b]); x[d] = (x[d] ^ x[a]); x[d] = self.r(x[d],  8)
		x[c] = self.z(x[c], x[d]); x[b] = (x[b] ^ x[c]); x[b] = self.r(x[b],  7)
		return x
	def core(self):
		x = self.skey[:]
		for r in range(0, self.rs / 2):
			x = self.qrrd(x, 0, 4,  8, 12)
			x = self.qrrd(x, 1, 5,  9, 13)
			x = self.qrrd(x, 2, 6, 10, 14)
			x = self.qrrd(x, 3, 7, 11, 15)
			# rows vs cols
			x = self.qrrd(x, 0, 5, 10, 15)
			x = self.qrrd(x, 1, 6, 11, 12)
			x = self.qrrd(x, 2, 7,  8, 13)
			x = self.qrrd(x, 3, 4,  9, 14)
		for i in range(0, 16):
			x[i] = self.z(x[i], self.skey[i])
		return x
	def cipher(self, m):
		while ((len(m) % 64) != 0):
			m += chr(0)
		i = 0; l = len(m)
		o = ""
		while ((i + 63) < l):
			s = self.core()
			j = 0
			while ((j + 3) < 64):
				o += self.u(m, j, s, j / 4)
				j += 4
			self.skey[12] = self.z(self.skey[12], 1)
			if (self.skey[12] == 0):
				self.skey[13] += 1
			i += 64
		return o
c = chacha(hashlib.sha256("abc").digest())
e = c.cipher("def");print("",e)
c = chacha(hashlib.sha256("abc").digest())
d = c.cipher(e);print("",d.strip("\0"))

Advertisements
Still Attempting For Good End-To-End Encryption For Gmail (it’s taking time tho)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s