SlideShare una empresa de Scribd logo

Native or External?

E
ESUG

ESUG 2011, Edinburgh

TecnologíaEducación
1 de 17
Descargar para leer sin conexión
Native or External? Lessons learned implementing cryptography for VisualWorks Martin Kobetic Cincom Smalltalk Engineering ESUG 2011
Let's implement SSL! DES, MD5, SHA, RSA, DSA, RC4, X.509, ASN.1, DER, ... * SSL 3.0, RSA, DES, RC4, basic X.509 (RSA only) * DH, DSA, + SSL integration, AES * X.509 on ASN.1, faster RSA (CRT),... * new ASN.1 (read/write), more X.509 * protocols/S (HTTPS, SMTPS,....)
What is Cryptography hashes MD5, SHA1, SHA256, ... secret key (symmetric) ciphers AES, DES, RC4,... public key algorithms * signing (RSA, DSA, ECDSA) * encryption (RSA) * key agreement (DH, ECDH)
Hashes - Native (MD5 hash: 'Hello') asHexString. buffer := ByteArray new: 16384. hash := SHA new. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash updateWith: buffer from: 1 to: read ]. ] ensure: [ file close ]. hash digest asHexString.
Hashes - External buffer := ByteArray new: 16384. hash := Hash new algorithm: 'SHA1'; yourself. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash update: read from: buffer ]. hash finish asHexString ] ensure: [ file close. hash release ].
Hashes - Xtreams ((ObjectMemory imageFilename reading hashing: 'SHA1' ) -= 0; close; digest ) asHexString
Ciphers - Native message := 'Hello World!' asByteArrayEncoding: #ascii. key := 'Open Sesame!!!!!' asByteArrayEncoding: #ascii. ((ARC4 key: key) encrypt: message) asHexString. cipher := AES key: key. cipher := CipherBlockChaining on: cipher. iv := ByteArray new: 16 withAll: 1. cipher setIV: iv. cipher := BlockPadding on: cipher. (cipher encrypt: message) asHexString
Ciphers - Speed megs := 100. buffer := ByteArray new: 1000. time := [ megs * 1000 timesRepeat: [ 1 to: buffer size do: [ :i | buffer at: i put: (buffer at: i) ]] ] timeToRun. megs asFloat / time asSeconds. time := [ self readWriteMegs: megs ] timeToRun. megs asFloat / time asSeconds
Ciphers - External buffer := ByteArray new: message size + iv size. cipher := Cipher new. padding := iv size - (message size iv size). padding := ByteArray new: padding withAll: padding. [ | count | cipher algorithm: 'AES' mode: 'CBC' key: key iv: iv encrypt: true. count := cipher update: message size from: message into: buffer. result := buffer copyFrom: 1 to: count. count := cipher update: padding size from: padding into: buffer. result := result, (buffer copyFrom: 1 to: count). count := cipher finishInto: buffer. result, (buffer copyFrom: 1 to: count) ] ensure: [ cipher release ]
Ciphers - Xtreams ((( ByteArray new writing encrypting: 'AES' mode: 'CBC' key: key iv: iv ) hashing: 'SHA1' ) write: message; write: padding; close; terminal ) asHexString
Public Key - Native keys := RSAKeyGenerator keySize: 1024. keys publicKey. rsa := RSA new privateKey: keys privateKey. rsa useMD5. sig := rsa sign: message.
Public Key - External key := PrivateKey RSALength: 1024. [ | digest | digest := (message reading hashing: 'SHA1') -= 0; close; digest. key sign: digest hash: 'SHA1' padding: 'PKCS1' ] ensure: [ key release ]
Native - Pros * understanding and know-how * ease of use and deployment * automatically cross platform * easy integration * debugging
Native - Cons * maintenance/evolution * security issues * speed * certification * hardware integration * export restrictions
External - Pros * development cost (maybe) * evolves for free (hopefully) * speed * certification (possibly) * hardware integration (possibly)
External - Cons * platform coverage * integration issues * support * FFI issues * brittleness
Summary * seamless use * seamless deployment * platform coverage * capability coverage * extensibility * other constraints * certification/approved implementations * hardware support * performance

Recomendados

VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012
Martin Kobetic
 
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael MedinOSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
NETWAYS
 
Ruby on embedded devices rug::b Aug 2014
Ruby on embedded devices rug::b Aug 2014Ruby on embedded devices rug::b Aug 2014
Ruby on embedded devices rug::b Aug 2014
Eno Thierbach
 
Caching solutions with Redis
Caching solutions with RedisCaching solutions with Redis
Caching solutions with Redis
George Platon
 
A promising approach for debugging remote promises
A promising approach for debugging remote promisesA promising approach for debugging remote promises
A promising approach for debugging remote promises
ESUG
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to Redis
Dvir Volk
 
Redis Introduction
Redis IntroductionRedis Introduction
Redis Introduction
Alex Su
 
Nodejs - Should Ruby Developers Care?
Nodejs - Should Ruby Developers Care?Nodejs - Should Ruby Developers Care?
Nodejs - Should Ruby Developers Care?
Felix Geisendörfer
 

Recomendados

VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012
Martin Kobetic
 
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael MedinOSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
NETWAYS
 
Ruby on embedded devices rug::b Aug 2014
Ruby on embedded devices rug::b Aug 2014Ruby on embedded devices rug::b Aug 2014
Ruby on embedded devices rug::b Aug 2014
Eno Thierbach
 
Caching solutions with Redis
Caching solutions with RedisCaching solutions with Redis
Caching solutions with Redis
George Platon
 
A promising approach for debugging remote promises
A promising approach for debugging remote promisesA promising approach for debugging remote promises
A promising approach for debugging remote promises
ESUG
 
Introduction to Redis
Introduction to RedisIntroduction to Redis
Introduction to Redis
Dvir Volk
 
Redis Introduction
Redis IntroductionRedis Introduction
Redis Introduction
Alex Su
 
Nodejs - Should Ruby Developers Care?
Nodejs - Should Ruby Developers Care?Nodejs - Should Ruby Developers Care?
Nodejs - Should Ruby Developers Care?
Felix Geisendörfer
 
Introduction to redis - version 2
Introduction to redis - version 2Introduction to redis - version 2
Introduction to redis - version 2
Dvir Volk
 
Linux 101
Linux 101Linux 101
Linux 101
Hieu Huynh
 
Container Security via Monitoring and Orchestration - Container Security Summit
Container Security via Monitoring and Orchestration - Container Security SummitContainer Security via Monitoring and Orchestration - Container Security Summit
Container Security via Monitoring and Orchestration - Container Security Summit
David Timothy Strauss
 
Vault encryption support
Vault encryption supportVault encryption support
Vault encryption support
Sumit Lonial
 
Rust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneRust: Systems Programming for Everyone
Rust: Systems Programming for Everyone
C4Media
 
Nodejs - A quick tour (v4)
Nodejs - A quick tour (v4)Nodejs - A quick tour (v4)
Nodejs - A quick tour (v4)
Felix Geisendörfer
 
Ceph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Day Berlin: Ceph and iSCSI in a high availability setupCeph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Community
 
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit
 
Paris Redis Meetup Introduction
Paris Redis Meetup IntroductionParis Redis Meetup Introduction
Paris Redis Meetup Introduction
Gregory Boissinot
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2
ESUG
 
Node.js in production
Node.js in productionNode.js in production
Node.js in production
Felix Geisendörfer
 
Nodejs - A quick tour (v5)
Nodejs - A quick tour (v5)Nodejs - A quick tour (v5)
Nodejs - A quick tour (v5)
Felix Geisendörfer
 
What is new in CFEngine 3.6
What is new in CFEngine 3.6What is new in CFEngine 3.6
What is new in CFEngine 3.6
Jonathan Clarke
 
Nodejs - A-quick-tour-v3
Nodejs - A-quick-tour-v3Nodejs - A-quick-tour-v3
Nodejs - A-quick-tour-v3
Felix Geisendörfer
 
Kicking ass with redis
Kicking ass with redisKicking ass with redis
Kicking ass with redis
Dvir Volk
 
Node.js - A practical introduction (v2)
Node.js - A practical introduction (v2)Node.js - A practical introduction (v2)
Node.js - A practical introduction (v2)
Felix Geisendörfer
 
Vault
VaultVault
Vault
dawnlua
 
Nodejs a-practical-introduction-oredev
Nodejs a-practical-introduction-oredevNodejs a-practical-introduction-oredev
Nodejs a-practical-introduction-oredev
Felix Geisendörfer
 
Node.js - As a networking tool
Node.js - As a networking toolNode.js - As a networking tool
Node.js - As a networking tool
Felix Geisendörfer
 
Relayd: a load balancer for OpenBSD
Relayd: a load balancer for OpenBSD Relayd: a load balancer for OpenBSD
Relayd: a load balancer for OpenBSD
Giovanni Bechis
 
Talents: Dynamically Composable Units of Reuse
Talents: Dynamically Composable Units of ReuseTalents: Dynamically Composable Units of Reuse
Talents: Dynamically Composable Units of Reuse
ESUG
 
Magritte Magic
Magritte MagicMagritte Magic
Magritte Magic
ESUG
 

Más contenido relacionado

La actualidad más candente

Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit
 
Kicking ass with redis
Kicking ass with redisKicking ass with redis
Kicking ass with redis
Dvir Volk
 

La actualidad más candente (20)

Introduction to redis - version 2
Introduction to redis - version 2Introduction to redis - version 2
Introduction to redis - version 2
 
Linux 101
Linux 101Linux 101
Linux 101
 
Container Security via Monitoring and Orchestration - Container Security Summit
Container Security via Monitoring and Orchestration - Container Security SummitContainer Security via Monitoring and Orchestration - Container Security Summit
Container Security via Monitoring and Orchestration - Container Security Summit
 
Vault encryption support
Vault encryption supportVault encryption support
Vault encryption support
 
Rust: Systems Programming for Everyone
Rust: Systems Programming for EveryoneRust: Systems Programming for Everyone
Rust: Systems Programming for Everyone
 
Nodejs - A quick tour (v4)
Nodejs - A quick tour (v4)Nodejs - A quick tour (v4)
Nodejs - A quick tour (v4)
 
Ceph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Day Berlin: Ceph and iSCSI in a high availability setupCeph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Day Berlin: Ceph and iSCSI in a high availability setup
 
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
 
Paris Redis Meetup Introduction
Paris Redis Meetup IntroductionParis Redis Meetup Introduction
Paris Redis Meetup Introduction
 
Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2Cryptography for Smalltalkers 2
Cryptography for Smalltalkers 2
 
Node.js in production
Node.js in productionNode.js in production
Node.js in production
 
Nodejs - A quick tour (v5)
Nodejs - A quick tour (v5)Nodejs - A quick tour (v5)
Nodejs - A quick tour (v5)
 
What is new in CFEngine 3.6
What is new in CFEngine 3.6What is new in CFEngine 3.6
What is new in CFEngine 3.6
 
Nodejs - A-quick-tour-v3
Nodejs - A-quick-tour-v3Nodejs - A-quick-tour-v3
Nodejs - A-quick-tour-v3
 
Kicking ass with redis
Kicking ass with redisKicking ass with redis
Kicking ass with redis
 
Node.js - A practical introduction (v2)
Node.js - A practical introduction (v2)Node.js - A practical introduction (v2)
Node.js - A practical introduction (v2)
 
Vault
VaultVault
Vault
 
Nodejs a-practical-introduction-oredev
Nodejs a-practical-introduction-oredevNodejs a-practical-introduction-oredev
Nodejs a-practical-introduction-oredev
 
Node.js - As a networking tool
Node.js - As a networking toolNode.js - As a networking tool
Node.js - As a networking tool
 
Relayd: a load balancer for OpenBSD
Relayd: a load balancer for OpenBSD Relayd: a load balancer for OpenBSD
Relayd: a load balancer for OpenBSD
 

Destacado

Talents: Dynamically Composable Units of Reuse
Talents: Dynamically Composable Units of ReuseTalents: Dynamically Composable Units of Reuse
Talents: Dynamically Composable Units of Reuse
ESUG
 
Bloc: a Modern Core for Highly Dynamic Graphics
Bloc: a Modern Core for Highly Dynamic Graphics Bloc: a Modern Core for Highly Dynamic Graphics
Bloc: a Modern Core for Highly Dynamic Graphics
ESUG
 

Destacado (9)

Talents: Dynamically Composable Units of Reuse
Talents: Dynamically Composable Units of ReuseTalents: Dynamically Composable Units of Reuse
Talents: Dynamically Composable Units of Reuse
 
Magritte Magic
Magritte MagicMagritte Magic
Magritte Magic
 
IronSmalltalk
IronSmalltalkIronSmalltalk
IronSmalltalk
 
Show Us: SS7 Update
Show Us: SS7 UpdateShow Us: SS7 Update
Show Us: SS7 Update
 
DeltaImpact: Assessing semantic merge conflicts with Dependency Analysis
DeltaImpact: Assessing semantic merge conflicts with Dependency AnalysisDeltaImpact: Assessing semantic merge conflicts with Dependency Analysis
DeltaImpact: Assessing semantic merge conflicts with Dependency Analysis
 
Code Transformation by Direct Transformation of ASTs
Code Transformation by Direct Transformation of ASTsCode Transformation by Direct Transformation of ASTs
Code Transformation by Direct Transformation of ASTs
 
Bloc: a Modern Core for Highly Dynamic Graphics
Bloc: a Modern Core for Highly Dynamic Graphics Bloc: a Modern Core for Highly Dynamic Graphics
Bloc: a Modern Core for Highly Dynamic Graphics
 
Sistemas de Telecomunicações - Aula 07 - Sistema Telefônico Fixo e Sistema Te...
Sistemas de Telecomunicações - Aula 07 - Sistema Telefônico Fixo e Sistema Te...Sistemas de Telecomunicações - Aula 07 - Sistema Telefônico Fixo e Sistema Te...
Sistemas de Telecomunicações - Aula 07 - Sistema Telefônico Fixo e Sistema Te...
 
Sistemas de Telecomunicações - Aula 06 - Estrutura da rede pública de Telecom...
Sistemas de Telecomunicações - Aula 06 - Estrutura da rede pública de Telecom...Sistemas de Telecomunicações - Aula 06 - Estrutura da rede pública de Telecom...
Sistemas de Telecomunicações - Aula 06 - Estrutura da rede pública de Telecom...
 

Similar a Native or External?

12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptography
drewz lin
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
Next Generation DevOps in Drupal: DrupalCamp London 2014
Next Generation DevOps in Drupal: DrupalCamp London 2014Next Generation DevOps in Drupal: DrupalCamp London 2014
Next Generation DevOps in Drupal: DrupalCamp London 2014
Barney Hanlon
 
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
kadalisrikanth
 
Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006
Martin Kobetic
 
Computer network (4)
Computer network (4)Computer network (4)
Computer network (4)
NYversity
 

Similar a Native or External? (20)

12 symmetric key cryptography
12 symmetric key cryptography12 symmetric key cryptography
12 symmetric key cryptography
 
Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)Cryptography for Absolute Beginners (May 2019)
Cryptography for Absolute Beginners (May 2019)
 
How does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen OomsHow does cryptography work? by Jeroen Ooms
How does cryptography work? by Jeroen Ooms
 
Django cryptography
Django cryptographyDjango cryptography
Django cryptography
 
Web cryptography javascript
Web cryptography javascriptWeb cryptography javascript
Web cryptography javascript
 
Message Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 AlgorithmMessage Authentication using Message Digests and the MD5 Algorithm
Message Authentication using Message Digests and the MD5 Algorithm
 
Rust Hack
Rust HackRust Hack
Rust Hack
 
Secure erasure code based cloud storage system with secure data forwarding
Secure erasure code based cloud storage system with secure data forwardingSecure erasure code based cloud storage system with secure data forwarding
Secure erasure code based cloud storage system with secure data forwarding
 
$kernel->infect(): Creating a cryptovirus for Symfony2 apps
$kernel->infect(): Creating a cryptovirus for Symfony2 apps$kernel->infect(): Creating a cryptovirus for Symfony2 apps
$kernel->infect(): Creating a cryptovirus for Symfony2 apps
 
Next Generation DevOps in Drupal: DrupalCamp London 2014
Next Generation DevOps in Drupal: DrupalCamp London 2014Next Generation DevOps in Drupal: DrupalCamp London 2014
Next Generation DevOps in Drupal: DrupalCamp London 2014
 
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
 
OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)OpenSSL programming (still somewhat initial version)
OpenSSL programming (still somewhat initial version)
 
comp security lab.ppsx
comp security lab.ppsxcomp security lab.ppsx
comp security lab.ppsx
 
introduction to jsrsasign
introduction to jsrsasignintroduction to jsrsasign
introduction to jsrsasign
 
Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006Cryptography for Smalltalkers 2 - ESUG 2006
Cryptography for Smalltalkers 2 - ESUG 2006
 
Introduction to InSpec and 1.0 release update
Introduction to InSpec and 1.0 release updateIntroduction to InSpec and 1.0 release update
Introduction to InSpec and 1.0 release update
 
Shellcode Disassembling - Reverse Engineering
Shellcode Disassembling - Reverse EngineeringShellcode Disassembling - Reverse Engineering
Shellcode Disassembling - Reverse Engineering
 
Pulsar Summit Asia - Running a secure pulsar cluster
Pulsar Summit Asia - Running a secure pulsar clusterPulsar Summit Asia - Running a secure pulsar cluster
Pulsar Summit Asia - Running a secure pulsar cluster
 
Computer network (4)
Computer network (4)Computer network (4)
Computer network (4)
 
Computer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdfComputer Security Laboratory Manual .pdf
Computer Security Laboratory Manual .pdf
 

Más de ESUG

Workshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programmingWorkshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programming
ESUG
 
The Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and RoadmapThe Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and Roadmap
ESUG
 
Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...
ESUG
 
Analyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early resultsAnalyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early results
ESUG
 
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
ESUG
 
A Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test GenerationA Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test Generation
ESUG
 
Creating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic ProgrammingCreating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic Programming
ESUG
 
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution ModesThreaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
ESUG
 
Exploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience ReportExploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience Report
ESUG
 
Pharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIsPharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIs
ESUG
 
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame CaseImproving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
ESUG
 
Pharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and FuturePharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and Future
ESUG
 
A New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and TransformationsA New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and Transformations
ESUG
 

Más de ESUG (20)

Workshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programmingWorkshop: Identifying concept inventories in agile programming
Workshop: Identifying concept inventories in agile programming
 
Technical documentation support in Pharo
Technical documentation support in PharoTechnical documentation support in Pharo
Technical documentation support in Pharo
 
The Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and RoadmapThe Pharo Debugger and Debugging tools: Advances and Roadmap
The Pharo Debugger and Debugging tools: Advances and Roadmap
 
Sequence: Pipeline modelling in Pharo
Sequence: Pipeline modelling in PharoSequence: Pipeline modelling in Pharo
Sequence: Pipeline modelling in Pharo
 
Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...Migration process from monolithic to micro frontend architecture in mobile ap...
Migration process from monolithic to micro frontend architecture in mobile ap...
 
Analyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early resultsAnalyzing Dart Language with Pharo: Report and early results
Analyzing Dart Language with Pharo: Report and early results
 
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
Transpiling Pharo Classes to JS ECMAScript 5 versus ECMAScript 6
 
A Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test GenerationA Unit Test Metamodel for Test Generation
A Unit Test Metamodel for Test Generation
 
Creating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic ProgrammingCreating Unit Tests Using Genetic Programming
Creating Unit Tests Using Genetic Programming
 
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution ModesThreaded-Execution and CPS Provide Smooth Switching Between Execution Modes
Threaded-Execution and CPS Provide Smooth Switching Between Execution Modes
 
Exploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience ReportExploring GitHub Actions through EGAD: An Experience Report
Exploring GitHub Actions through EGAD: An Experience Report
 
Pharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIsPharo: a reflective language A first systematic analysis of reflective APIs
Pharo: a reflective language A first systematic analysis of reflective APIs
 
Garbage Collector Tuning
Garbage Collector TuningGarbage Collector Tuning
Garbage Collector Tuning
 
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame CaseImproving Performance Through Object Lifetime Profiling: the DataFrame Case
Improving Performance Through Object Lifetime Profiling: the DataFrame Case
 
Pharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and FuturePharo DataFrame: Past, Present, and Future
Pharo DataFrame: Past, Present, and Future
 
thisContext in the Debugger
thisContext in the DebuggerthisContext in the Debugger
thisContext in the Debugger
 
Websockets for Fencing Score
Websockets for Fencing ScoreWebsockets for Fencing Score
Websockets for Fencing Score
 
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScriptShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
ShowUs: PharoJS.org Develop in Pharo, Run on JavaScript
 
Advanced Object- Oriented Design Mooc
Advanced Object- Oriented Design MoocAdvanced Object- Oriented Design Mooc
Advanced Object- Oriented Design Mooc
 
A New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and TransformationsA New Architecture Reconciling Refactorings and Transformations
A New Architecture Reconciling Refactorings and Transformations
 

Último

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Último (20)

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Native or External?

  • 1. Native or External? Lessons learned implementing cryptography for VisualWorks Martin Kobetic Cincom Smalltalk Engineering ESUG 2011
  • 2. Let's implement SSL! DES, MD5, SHA, RSA, DSA, RC4, X.509, ASN.1, DER, ... * SSL 3.0, RSA, DES, RC4, basic X.509 (RSA only) * DH, DSA, + SSL integration, AES * X.509 on ASN.1, faster RSA (CRT),... * new ASN.1 (read/write), more X.509 * protocols/S (HTTPS, SMTPS,....)
  • 3. What is Cryptography hashes MD5, SHA1, SHA256, ... secret key (symmetric) ciphers AES, DES, RC4,... public key algorithms * signing (RSA, DSA, ECDSA) * encryption (RSA) * key agreement (DH, ECDH)
  • 4. Hashes - Native (MD5 hash: 'Hello') asHexString. buffer := ByteArray new: 16384. hash := SHA new. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash updateWith: buffer from: 1 to: read ]. ] ensure: [ file close ]. hash digest asHexString.
  • 5. Hashes - External buffer := ByteArray new: 16384. hash := Hash new algorithm: 'SHA1'; yourself. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash update: read from: buffer ]. hash finish asHexString ] ensure: [ file close. hash release ].
  • 6. Hashes - Xtreams ((ObjectMemory imageFilename reading hashing: 'SHA1' ) -= 0; close; digest ) asHexString
  • 7. Ciphers - Native message := 'Hello World!' asByteArrayEncoding: #ascii. key := 'Open Sesame!!!!!' asByteArrayEncoding: #ascii. ((ARC4 key: key) encrypt: message) asHexString. cipher := AES key: key. cipher := CipherBlockChaining on: cipher. iv := ByteArray new: 16 withAll: 1. cipher setIV: iv. cipher := BlockPadding on: cipher. (cipher encrypt: message) asHexString
  • 8. Ciphers - Speed megs := 100. buffer := ByteArray new: 1000. time := [ megs * 1000 timesRepeat: [ 1 to: buffer size do: [ :i | buffer at: i put: (buffer at: i) ]] ] timeToRun. megs asFloat / time asSeconds. time := [ self readWriteMegs: megs ] timeToRun. megs asFloat / time asSeconds
  • 9. Ciphers - External buffer := ByteArray new: message size + iv size. cipher := Cipher new. padding := iv size - (message size iv size). padding := ByteArray new: padding withAll: padding. [ | count | cipher algorithm: 'AES' mode: 'CBC' key: key iv: iv encrypt: true. count := cipher update: message size from: message into: buffer. result := buffer copyFrom: 1 to: count. count := cipher update: padding size from: padding into: buffer. result := result, (buffer copyFrom: 1 to: count). count := cipher finishInto: buffer. result, (buffer copyFrom: 1 to: count) ] ensure: [ cipher release ]
  • 10. Ciphers - Xtreams ((( ByteArray new writing encrypting: 'AES' mode: 'CBC' key: key iv: iv ) hashing: 'SHA1' ) write: message; write: padding; close; terminal ) asHexString
  • 11. Public Key - Native keys := RSAKeyGenerator keySize: 1024. keys publicKey. rsa := RSA new privateKey: keys privateKey. rsa useMD5. sig := rsa sign: message.
  • 12. Public Key - External key := PrivateKey RSALength: 1024. [ | digest | digest := (message reading hashing: 'SHA1') -= 0; close; digest. key sign: digest hash: 'SHA1' padding: 'PKCS1' ] ensure: [ key release ]
  • 13. Native - Pros * understanding and know-how * ease of use and deployment * automatically cross platform * easy integration * debugging
  • 14. Native - Cons * maintenance/evolution * security issues * speed * certification * hardware integration * export restrictions
  • 15. External - Pros * development cost (maybe) * evolves for free (hopefully) * speed * certification (possibly) * hardware integration (possibly)
  • 16. External - Cons * platform coverage * integration issues * support * FFI issues * brittleness
  • 17. Summary * seamless use * seamless deployment * platform coverage * capability coverage * extensibility * other constraints * certification/approved implementations * hardware support * performance