Skip to main content

Posts

Showing posts from November, 2016

Driveby contribution to Python Cryptography

While at PyConAU 2016 I attended the Monday sprints and spent some time looking at a proposed feature I hoped would soon be part of cryptography. As most readers of this blog will know, cryptography is a very respected project within the Python ecosystem and it was an interesting experience to see how such a prominent open source project handles contributions and reviews.

The feature in question is the Diffie-Hellman Key Exchange algorithm used in many cryptography applications. Diffie-Helman Key Exchange is a way of generating a shared secret between two parties where the secret can't be determined by an eavesdropper observing the communication. DHE is extremely common - it is one of the primary methods used to provide "perfect forward secrecy" every time you initiate a TLS connection to an HTTPS website. Mathematically it is extremely elegant and the inventors were the recipients of the 2015 Turing award.

I wanted to write about this particular contribution because man…

Open Source Paillier Libraries

The Confidential Computing team at Data61 has been looking at novel methods of using privacy preserving computation - with the lofty long term goal of increasing users' privacy while still allowing modern analytical insights.

One of the principals we've been relying on is partially homomorphic encryption - the ability to carry out some basic mathematical operations on encrypted data, usually this property is either addition or multiplication. Take a quick look at my previous post on Homomorphic Encryption. My team has looked at multiple homomorphic systems and settled on using the Paillier Crypto system for some of our confidential computing projects.

The homomorphic properties of the Paillier Crypto system are:
An encrypted number can be multiplied by a non encrypted scalar.Encrypted numbers can be added together.Encrypted numbers can be added to non encrypted scalars. Everything else (such as multiplying encrypted numbers together) is either extremely difficult or impossible…