Encryption techniques (was: standalone has plainly readable transcript)

[Mark Brownell]

On Saturday, June 14, 2003, at 03:25  AM, 
revolution at knowledgeworks.plus.com wrote:

>
> Mark,
>
> I'm not sure if I understand you correctly, but it sounds like you are 
> planning to use Valentina's implementation of Blowfish encryption.  
> Wouldn't that mean that to use your stacks the users would all need to 
> have Valentina deployed with your stack?

That is true. In some cases it is better for my e-Book technology to 
protect the media as well as the textual content of a book. In cases 
where the media is to large and needs to be protected the preferred 
delivery system is an encrypted Valentina database that the user opens 
with the e-Book front-end app. The blob memory capability of Valintina 
is perfect for that kind of use.

>
> I think that the best way for Rev to have encryption is to have it 
> provided in an external.  If you are going to be encrypting 
> potentially quite big stacks, it needs to perform at maximum speed.

Being so very new to Rev I have never tested for speed advantages of 
externals verses local handlers. The destroyWindow process looks very 
good for dumping the memory after the algorithm is used. I have some 
tricks regarding access keys, encryption keys and ram issues that help 
further protect from intrusion while it is being used.

>
> I remember reading on the Rev site before I bought my license that 
> they could trade a license for some significant contribution to Rev's 
> development.  I don't know what that entails, but I think if a 
> high-quality cross-platform, external encryption module could be 
> provided it would be mutually beneficial.
>
> If this does not fit in with their plans for Rev's development, maybe 
> you can use some of the advice provided in the documentation on 
> bypassing the 10 line limit with different coding design?

Perhaps this might happen.

>
> Also, one oughtn't to be misled by the strength of the different 
> cryptographic mechanisms.  For example, when your stack is unencrypted 
> the data in the stack will be in RAM (or possibly also in the swap 
> file).  If someone was determined to get access to your unencrypted 
> data they could extract it from these places.  You might want to 
> consider building your app so that decryption only occurs as and when 
> needed, but then the need for the most speedy for of decryption 
> becomes imperative or you risk making your app run noticably slower.  
> There is always going to be a trade off between the complexity and 
> performance of the app with the necessity of securing the data inside.
>
> Regards
>
> Bernard
>
>

Is there a function in Transcript like "set the Trace = FALSE; in 
Lingo?"  RTFM, I know. I found this "set the traceReturn to {true | 
false}." It looks like it is possible to shut down the trace capability 
if someone tries to turn it on before running the external or handler. 
This might be two different capabilities between Director and Rev.

Thanks Bernard,

Mark