This post originated from an RSS feed registered with Ruby Buzz
by James Britt.
Original Post: Polylanguage Encryption with xICE
Feed Title: James Britt: Ruby Development
Feed URL: http://feeds.feedburner.com/JamesBritt-Home
Feed Description: James Britt: Playing with better toys
While working on De.linque.nt, I looked about for a way to do content encrypting in Ruby when posting, and content decrypting in JavaScript via Greasemonkey.
I quickly found a very nice JavaScript version of the TEA block algorithm, and took a stab at porting it to Ruby. However, I am apparently the wrong combination of slow and dense to pull it off; others have offered to try their hand and I expect better results.
In the meantime, though, I've come across a RubyForge project that offers what appears to be a quite sophisticated suite of xICE encryption tools. The project summary says
The xICE Encryption Algorithm Software Development Kit allows developers of all skill levels to implement xICE encryption into their applications, and web applications. Code in ASP, VB6, JScript, and Ruby.
Indeed, the zipfile includes complete code for both JavaScript and Ruby. Sweet.
I've been experimenting with it, adding encrypted posts to Del.icio.us, and have found that one can pick a key of reasonable size (i.e., long enough that a brute force attack would take some time) and still have room for plain-text messages of roughly 100 characters (the description and extended fields have a max length of 256 characters, and the encryption process expands the size of the resulting message).
I do not know just how secure xICE is, though I plan to find out. Certainly I wouldn't post anything of any real importance to a public bookmark site, but the encryption should at least resist general amateur hacking.
Previous Topic
