[R] Help with decrypting

Marc Schwartz marc_schwartz at me.com
Wed Nov 9 20:33:18 CET 2016 

Hi Don,

Since there is not a current R package implementation of the blowfish algorithm for encyrpt/decrypt, as far as I can tell, your only options via R would be to call an external script/program that provides that functionality from within R, or consider integrating one of the compiled language versions (e.g. C/C++) into an R package that you would create, presuming that the licenses for those implementations would allow for that. The algorithm itself is public domain thanks to Bruce.

There are "interpreted" versions of the Blowfish implementation available, including one in pure Perl in the Crypt module and a Visual Basic version, which you could possibly follow and re-write in pure R. But going that route risks introducing errors in the implementation, which needless to say, is not a risk you really want to take.

However, in general, encrypt/decrypt algorithms are designed to be intentionally difficult and are usually CPU bound, since they are doing multiple rounds of bit-level manipulations. Thus, using interpreted program versions for anything but a small amount of text is typically going to be problematic compute time-wise.

That is why they are generally implemented in compiled languages or for more complex algorithms, in firmware.

BTW, vis-a-vis your reply back to Bob, as I noted, the variant of Blowfish that is in the bcrypt package on CRAN will not do what you want. It is designed to do one thing, encrypt passwords using a non-reversible algorithm (hash) for storage and later comparison with an entered cleartext password, that is encrypted using the same algorithm. 

Regards,

Marc


> On Nov 9, 2016, at 12:11 PM, MacQueen, Don <macqueen1 at llnl.gov> wrote:
> 
> Thanks, Marc,
> 
> Unfortunately, I didn't choose the encryption method. My (only) need is to be able to decrypt an existing file that is maintained by others. I am able to use system() on a simple perl script to do the job, but I'm hoping for an R-only solution, primarily for portability.
> 
> -Don
> 
> -- 
> Don MacQueen
> Lawrence Livermore National Laboratory
> 7000 East Ave., L-627
> Livermore, CA 94550
> 925-423-1062
> 
> 
> From: Marc Schwartz <marc_schwartz at me.com <mailto:marc_schwartz at me.com>>
> Date: Monday, November 7, 2016 at 3:30 PM
> To: dh m <macqueen1 at llnl.gov <mailto:macqueen1 at llnl.gov>>
> Cc: R-help <R-help at r-project.org <mailto:R-help at r-project.org>>
> Subject: Re: [R] Help with decrypting
> 
> 
>> On Nov 7, 2016, at 4:47 PM, MacQueen, Don <macqueen1 at llnl.gov <mailto:macqueen1 at llnl.gov>> wrote:
>> 
>> I have a file containing encrypted contents. The contents can be decrypted
>> using perl, like this:
>> 
>> open (FILEHANDLE, "/path/to/file")
>> chomp ($ciphertext = <FILEHANDLE>);
>> 
>> 
>> use Crypt::CBC;
>> $cipher = Crypt::CBC->new( -key    => 'my secret key',
>>                           -cipher => 'Blowfish'
>>                          );
>> 
>> $plaintext  = $cipher->decrypt($ciphertext);
>> 
>> 
>> (See http://search.cpan.org/~lds/Crypt-CBC-2.33/CBC.pm <http://search.cpan.org/~lds/Crypt-CBC-2.33/CBC.pm>)
>> 
>> M goal is to have the value of $plaintext in an R object, so, is there an
>> R equivalent to this decrypt() perl function?
>> 
>> I've found R packages
>>  bcrypt
>>  sodium
>> that appear to have potential, but I don't understand this business well
>> enough to figure out how to use them, if indeed they can be used, for
>> this. Help would be much appreciated.
>> 
>> Thanks
>> -Don
>> 
> 
> 
> 
> Hi Don,
> 
> Blowfish is Bruce Schneier's algorithm from the early 90's, which even Bruce suggested some time ago not be used. Bruce has some alternative Blowfish implementations available via his web site:
> 
>   https://www.schneier.com/academic/blowfish/download.html <https://www.schneier.com/academic/blowfish/download.html>
> 
> and there is a link there for some third party products that still have it and might provide for a CLI based interface as an alternative (e.g. GnuPG) if you need to use it.
> 
> From what I can tell, 'sodium' does not support Blowfish and the implementation in bcrypt, if I am reading correctly, only provides for a one-way hash implementation, as opposed to encrypt/decrypt functions.
> 
> Thus, barring that my searching for alternative R implementations of Blowfish resulted in a Type II error, I do not see any R implementations of Blowfish that support encrypt/decrypt.
> 
> If you want to use the Perl module implementation via R, you can take a look at my WriteXLS package on GitHub:
> 
>   https://github.com/marcschwartz/WriteXLS <https://github.com/marcschwartz/WriteXLS>
> 
> and see how I call Perl scripts within WriteXLS.R:
> 
>   https://github.com/marcschwartz/WriteXLS/blob/master/R/WriteXLS.R <https://github.com/marcschwartz/WriteXLS/blob/master/R/WriteXLS.R>
> 
> around line 242.
> 
> That might provide one method for you.
> 
> That all being said, as per Bruce's recommendation, there are "better" encryption/decryption algorithms these days (some in the 'digest' package by Dirk), depending upon who you are trying to protect the data from... :-)
> 
> Regards,
> 
> Marc Schwartz
> 
> 


	[[alternative HTML version deleted]]

More information about the R-help mailing list