Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Encryption in Smalltalk

5 views
Skip to first unread message

dm...@erols.com

unread,
Mar 4, 2009, 4:06:26 PM3/4/09
to
Greeting Fellow Smalltalkers,

JAS\JWARS has a requirement to "encrypt" the data we send over the
wire. Since the definition of encryption is TBD, we want to put
something reasonable, and easy, in now, check the box, and move on.
Googling Smalltalk and encryption gets no useful hits.

Any ideas, pointers, war stories appreciated.

Thanks

Donald [|]

Frank Lesser [LSW]

unread,
Mar 4, 2009, 4:11:16 PM3/4/09
to
Hi,

DNG has encryption primitives ( AES-256 ) in the VM - it is used to read &
write encrytped images & Smalltalk-Link Libraries - but can be used to
encrypt ordinary data as well.

with best regards, Frank Lesser

<dm...@erols.com> schrieb im Newsbeitrag
news:8664b2fe-831b-437e...@r16g2000vbp.googlegroups.com...

mkob...@gmail.com

unread,
Mar 4, 2009, 5:32:44 PM3/4/09
to
On Mar 4, 4:06 pm, "dm...@erols.com" <dm...@erols.com> wrote:
> JAS\JWARS has a requirement to "encrypt" the data we send over the
> wire. Since the definition of encryption is TBD, we want to put
> something reasonable, and easy, in now, check the box, and move on.
> Googling Smalltalk and encryption gets no useful hits.

I would try hard to not attempt to invent a new secure protocol (it's
hard). Look for standard solutions first. It's not clear if you're
supposed to protect the data just in transit or if you need an end-to-
end solution where data stays encrypted at the destination too. If the
former the best bet is to use SSL or SSH whichever you have available.
If the latter then you should look at something like PGP or SMIME,
again whatever is available. By available I mean whatever you can find
supported in your smalltalk dialect or maybe even consider using an
external tool/library. Whatever you pick will likely require some
study, unless you are already familiar with these things which may be
in conflict with your "easy" requirement. But if you find these not
easy enough, I can assure you that rolling your own using low level
cryptographic primitives is much, much harder, if you want something
that's any good.

HTH,

Martin

jarober

unread,
Mar 4, 2009, 6:14:53 PM3/4/09
to
VW has a full set of encryption libs, so you could always bring that
in for the mission critical pieces :)


More seriously for your case, you could try wrapping OpenSSL -
shouldn't be that hard if you have people who understand that kind of
thing


On Mar 4, 4:06 pm, "dm...@erols.com" <dm...@erols.com> wrote:

Joachim Tuchel

unread,
Mar 5, 2009, 12:18:01 AM3/5/09
to
Donald, James,

VAST already comes with a wrapper for (part of) OpenSSL. As I understand
some discussion on the VAST support forum, this wrapper isn't fully up
to date, but probably good enough or at least a good starting point.

Greetings,

Joachim


jarober schrieb:

geoff

unread,
Mar 5, 2009, 2:51:05 PM3/5/09
to
> VAST already comes with a wrapper for (part of) OpenSSL.

True but VW has a full set of encryption classes written in ST.

--g


Frank Lesser [LSW]

unread,
Mar 5, 2009, 3:24:41 PM3/5/09
to
Hi,

symmetric encryption need to be fast as possible - therefore it should be
coded in Assembly - as it in in DNG's VM.
we used encryption algorithms written in Smalltalk to test our adaptive
native compilation to achieve C speed with Smalltalk years ago.

of course there are Smalltalk Libraries available also for Dolphin - and
because DNG is compatible with D6 it will work for DNG

Frank


mkob...@gmail.com

unread,
Mar 5, 2009, 6:10:47 PM3/5/09
to
On Mar 5, 3:24 pm, "Frank Lesser [LSW]" <frank-les...@lesser-

software.com> wrote:
> symmetric encryption need to be fast as possible - therefore it should be
> coded in Assembly - as it in in DNG's VM.

In the same spirit any general purpose algorithm should be as fast as
possible. It can't hurt and you never know when it might matter,
right? Therefore they all should be written in assembler. :-)

But seriously, the bulk cipher is likely just one part of the solution
that's needed, unless the requirement really is to "encrypt" the data
in transit just for the sake of it. What about the key generation/
management ? What about authentication ? If you don't know who you're
talking to, then what's the point of encrypting the communication ?
And so on... Ultimately you need to figure out what exactly you're
trying to protect from whom and then hopefully find a standard
solution that fits the requirements and your specific circumstances.

Martin

geoff

unread,
Mar 5, 2009, 8:39:18 PM3/5/09
to
> symmetric encryption need to be fast as possible

Depends on what it is being used for, passwords, it works fine, small
documents or an email, works fine, however, if one has a 2 meg xml file or
large binary file then it may be too slow.

Also, I do not know but would suspect that DNG makes calls to the OS.
Encoding a full set of encryption algorithms in assembly would be a lot of
work, in assembly means no external calls, the work is done within the code.

I worked in assembly for eight years in an engineering environment doing
math calculations. The matrix transforms by themselves were the size of a
phonebook when printed out.

--g


Frank Lesser [LSW]

unread,
Mar 6, 2009, 12:20:57 AM3/6/09
to
no calls to the OS for AES256 - standalone assemby - for encryption &
decyption primitives.

"geoff" <nos...@nospam.com> schrieb im Newsbeitrag
news:99%rl.80114$Dl2....@fe02.news.easynews.com...

geoff

unread,
Mar 6, 2009, 4:26:26 AM3/6/09
to
You need to decide which is more important, an SSL connection or passing
encrypted data. If a person is doing one, is the other necessary?

--g


ben

unread,
Mar 6, 2009, 7:40:40 AM3/6/09
to
Donald,

Instantiations has an "Tiny encyption algorithm" for VA Smalltalk in
the goodies section: http://www.instantiations.com/VAST/more/goodies.html.

Greetings, Ben.

geoff

unread,
Mar 6, 2009, 8:11:01 AM3/6/09
to
That is fast and would keep prying eyes away but I doubt it is good enough
for jwars. They probably want one of the old standard methods of
encryption.

--g


Joachim Tuchel

unread,
Mar 15, 2009, 3:17:11 PM3/15/09
to
geoff schrieb:

>> VAST already comes with a wrapper for (part of) OpenSSL.
>
> True but VW has a full set of encryption classes written in ST.
>

which only helps if you use or plan to use VisulWorks ;-) .
But you're right, VW has better support here.

Joachim

geoff

unread,
Mar 15, 2009, 7:07:08 PM3/15/09
to
It would be easy enough to port to other ST's assuming what one wrote is not
being sold commercially.

Also, on the speed issue, I feel it would be fast enough for most things but
would probably be slow if all you plan to do is encrypt 50 meg files.

--g


itsmeront

unread,
Mar 16, 2009, 8:52:04 AM3/16/09
to

Squeak is your answer.

http://www.squeaksource.com/Cryptography.html

All the best,

Ron Teitelbaum

Claus Dragon

unread,
Mar 17, 2009, 10:19:01 AM3/17/09
to

How about a SPORT Encryption package?

Matt Sims

unread,
Mar 26, 2009, 4:41:12 PM3/26/09
to
I have VAST implementations of RC4, DES and RSA (public key crypto) if they
would be of use to you. I haven't looked at these for a while but they may
be of help. As already stated, although wonderful for most things,
Smalltalk does not really suit cryptographic algorithms as these usually
need to be very quick to run. However, if you can encrypt/decrypt as fast
as you can send or recieve then, apart from latency, this should not be a
problem.

Please let me know if these are of use to you and I can send them to you.

-- Matt

[Also an implementation of SHA1 hashing algorithm]


geoff

unread,
Mar 27, 2009, 12:41:28 PM3/27/09
to
> I have VAST implementations of RC4, DES and RSA (public key crypto)

Submit them as a goodie to Instantiations. They always retain the name of
the author unless you do not want that.

--g


Claus Dragon

unread,
Mar 28, 2009, 6:55:19 PM3/28/09
to

Do they end up there http://vastgoodies.com/ then?

VastGoodies is exactly what VAST needed, by the way. Something like
the Squeak repositories or like the public store.

geoff

unread,
Mar 28, 2009, 6:57:47 PM3/28/09
to
I do not think vastgoodies.com is an Instantiations website but submitting
there is fine also.

--g


a3aan

unread,
Apr 8, 2009, 6:10:03 AM4/8/09
to
Matt,

Uploading them to VAStGoodies.com would be perfect. Just download

http://vastgoodies.com/maps/VAStGoodies.com%20Tools

and you're set to upload from the Configuration Maps browser.

Adriaan.

On Mar 26, 4:41 pm, "Matt Sims" <matts...@totallyobjects.com> wrote:

[..]

Louis Andriese

unread,
Apr 8, 2009, 6:36:33 AM4/8/09
to
> > [Also an implementation of SHA1 hashing algorithm]- Tekst uit oorspronkelijk bericht niet weergeven -
>
> - Tekst uit oorspronkelijk bericht weergeven -

Matt,

I second the request to make your encryption-stuff available. As noted
before, the openssl-interface in VA has it's issues in the current
version.
FWIW, although vastgoodies.com is not operated by Instantiations, it
certainly is endorsed by them.

kind regards,

Louis

0 new messages