Abstract image of a woman sitting on books and studying on a laptop

Native or External?

E
ESUG

This document discusses the pros and cons of implementing cryptography natively versus using external libraries. It provides examples of implementing hashes, ciphers, and public key algorithms both natively and externally in Smalltalk. Implementing natively allows for easy integration and debugging but has downsides of maintenance burden and potential security issues. Using external libraries reduces development cost but can introduce integration and platform coverage issues. The key factors to consider are providing seamless use, deployment, platform coverage, capability coverage, and extensibility while meeting other requirements like certification and performance.

TechnologyEducation
1 of 17
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Native or External? Lessons learned implementing cryptography for VisualWorks Martin Kobetic Cincom Smalltalk Engineering ESUG 2011
Let's implement SSL! DES, MD5, SHA, RSA, DSA, RC4, X.509, ASN.1, DER, ... * SSL 3.0, RSA, DES, RC4, basic X.509 (RSA only) * DH, DSA, + SSL integration, AES * X.509 on ASN.1, faster RSA (CRT),... * new ASN.1 (read/write), more X.509 * protocols/S (HTTPS, SMTPS,....)
What is Cryptography hashes MD5, SHA1, SHA256, ... secret key (symmetric) ciphers AES, DES, RC4,... public key algorithms * signing (RSA, DSA, ECDSA) * encryption (RSA) * key agreement (DH, ECDH)
Hashes - Native (MD5 hash: 'Hello') asHexString. buffer := ByteArray new: 16384. hash := SHA new. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash updateWith: buffer from: 1 to: read ]. ] ensure: [ file close ]. hash digest asHexString.
Hashes - External buffer := ByteArray new: 16384. hash := Hash new algorithm: 'SHA1'; yourself. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash update: read from: buffer ]. hash finish asHexString ] ensure: [ file close. hash release ].
Hashes - Xtreams ((ObjectMemory imageFilename reading hashing: 'SHA1' ) -= 0; close; digest ) asHexString
Ciphers - Native message := 'Hello World!' asByteArrayEncoding: #ascii. key := 'Open Sesame!!!!!' asByteArrayEncoding: #ascii. ((ARC4 key: key) encrypt: message) asHexString. cipher := AES key: key. cipher := CipherBlockChaining on: cipher. iv := ByteArray new: 16 withAll: 1. cipher setIV: iv. cipher := BlockPadding on: cipher. (cipher encrypt: message) asHexString
Ciphers - Speed megs := 100. buffer := ByteArray new: 1000. time := [ megs * 1000 timesRepeat: [ 1 to: buffer size do: [ :i | buffer at: i put: (buffer at: i) ]] ] timeToRun. megs asFloat / time asSeconds. time := [ self readWriteMegs: megs ] timeToRun. megs asFloat / time asSeconds
Ciphers - External buffer := ByteArray new: message size + iv size. cipher := Cipher new. padding := iv size - (message size iv size). padding := ByteArray new: padding withAll: padding. [ | count | cipher algorithm: 'AES' mode: 'CBC' key: key iv: iv encrypt: true. count := cipher update: message size from: message into: buffer. result := buffer copyFrom: 1 to: count. count := cipher update: padding size from: padding into: buffer. result := result, (buffer copyFrom: 1 to: count). count := cipher finishInto: buffer. result, (buffer copyFrom: 1 to: count) ] ensure: [ cipher release ]
Ciphers - Xtreams ((( ByteArray new writing encrypting: 'AES' mode: 'CBC' key: key iv: iv ) hashing: 'SHA1' ) write: message; write: padding; close; terminal ) asHexString
Public Key - Native keys := RSAKeyGenerator keySize: 1024. keys publicKey. rsa := RSA new privateKey: keys privateKey. rsa useMD5. sig := rsa sign: message.
Public Key - External key := PrivateKey RSALength: 1024. [ | digest | digest := (message reading hashing: 'SHA1') -= 0; close; digest. key sign: digest hash: 'SHA1' padding: 'PKCS1' ] ensure: [ key release ]
Native - Pros * understanding and know-how * ease of use and deployment * automatically cross platform * easy integration * debugging
Native - Cons * maintenance/evolution * security issues * speed * certification * hardware integration * export restrictions
External - Pros * development cost (maybe) * evolves for free (hopefully) * speed * certification (possibly) * hardware integration (possibly)
External - Cons * platform coverage * integration issues * support * FFI issues * brittleness
Summary * seamless use * seamless deployment * platform coverage * capability coverage * extensibility * other constraints * certification/approved implementations * hardware support * performance

More Related Content

PDF
VisualWorks Security Reloaded - STIC 2012
Martin Kobetic
 
PDF
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
NETWAYS
 
PDF
Ruby on embedded devices rug::b Aug 2014
Eno Thierbach
 
PPTX
Caching solutions with Redis
George Platon
 
PDF
A promising approach for debugging remote promises
ESUG
 
PDF
Introduction to Redis
Dvir Volk
 
PPTX
Redis Introduction
Alex Su
 
PDF
Nodejs - Should Ruby Developers Care?
Felix Geisendörfer
 
VisualWorks Security Reloaded - STIC 2012
Martin Kobetic
 
OSMC 2012 | Distributed Monitoring mit NSClient++ by Michael Medin
NETWAYS
 
Ruby on embedded devices rug::b Aug 2014
Eno Thierbach
 
Caching solutions with Redis
George Platon
 
A promising approach for debugging remote promises
ESUG
 
Introduction to Redis
Dvir Volk
 
Redis Introduction
Alex Su
 
Nodejs - Should Ruby Developers Care?
Felix Geisendörfer
 

What's hot (20)

PDF
Introduction to redis - version 2
Dvir Volk
 
PPTX
Linux 101
Hieu Huynh
 
PDF
Container Security via Monitoring and Orchestration - Container Security Summit
David Timothy Strauss
 
PDF
Vault encryption support
Sumit Lonial
 
PDF
Rust: Systems Programming for Everyone
C4Media
 
PDF
Nodejs - A quick tour (v4)
Felix Geisendörfer
 
PPT
Ceph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Community
 
PDF
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit
 
PDF
Paris Redis Meetup Introduction
Gregory Boissinot
 
PDF
Cryptography for Smalltalkers 2
ESUG
 
PDF
Node.js in production
Felix Geisendörfer
 
PDF
Nodejs - A quick tour (v5)
Felix Geisendörfer
 
PDF
What is new in CFEngine 3.6
Jonathan Clarke
 
PDF
Nodejs - A-quick-tour-v3
Felix Geisendörfer
 
PDF
Kicking ass with redis
Dvir Volk
 
KEY
Node.js - A practical introduction (v2)
Felix Geisendörfer
 
PDF
Vault
dawnlua
 
PDF
Nodejs a-practical-introduction-oredev
Felix Geisendörfer
 
KEY
Node.js - As a networking tool
Felix Geisendörfer
 
PDF
Relayd: a load balancer for OpenBSD
Giovanni Bechis
 
Introduction to redis - version 2
Dvir Volk
 
Linux 101
Hieu Huynh
 
Container Security via Monitoring and Orchestration - Container Security Summit
David Timothy Strauss
 
Vault encryption support
Sumit Lonial
 
Rust: Systems Programming for Everyone
C4Media
 
Nodejs - A quick tour (v4)
Felix Geisendörfer
 
Ceph Day Berlin: Ceph and iSCSI in a high availability setup
Ceph Community
 
Accumulo Summit 2015: Accumulo In-Depth: Building Bulk Ingest [Sponsored]
Accumulo Summit
 
Paris Redis Meetup Introduction
Gregory Boissinot
 
Cryptography for Smalltalkers 2
ESUG
 
Node.js in production
Felix Geisendörfer
 
Nodejs - A quick tour (v5)
Felix Geisendörfer
 
What is new in CFEngine 3.6
Jonathan Clarke
 
Nodejs - A-quick-tour-v3
Felix Geisendörfer
 
Kicking ass with redis
Dvir Volk
 
Node.js - A practical introduction (v2)
Felix Geisendörfer
 
Vault
dawnlua
 
Nodejs a-practical-introduction-oredev
Felix Geisendörfer
 
Node.js - As a networking tool
Felix Geisendörfer
 
Relayd: a load balancer for OpenBSD
Giovanni Bechis
 
Ad

Viewers also liked (9)

PDF
Talents: Dynamically Composable Units of Reuse
ESUG
 
PDF
Magritte Magic
ESUG
 
PDF
IronSmalltalk
ESUG
 
PDF
Show Us: SS7 Update
ESUG
 
PDF
DeltaImpact: Assessing semantic merge conflicts with Dependency Analysis
ESUG
 
PDF
Code Transformation by Direct Transformation of ASTs
ESUG
 
PDF
Bloc: a Modern Core for Highly Dynamic Graphics
ESUG
 
PDF
Sistemas de Telecomunicações - Aula 07 - Sistema Telefônico Fixo e Sistema Te...
Leinylson Fontinele
 
PDF
Sistemas de Telecomunicações - Aula 06 - Estrutura da rede pública de Telecom...
Leinylson Fontinele
 
Talents: Dynamically Composable Units of Reuse
ESUG
 
Magritte Magic
ESUG
 
IronSmalltalk
ESUG
 
Show Us: SS7 Update
ESUG
 
DeltaImpact: Assessing semantic merge conflicts with Dependency Analysis
ESUG
 
Code Transformation by Direct Transformation of ASTs
ESUG
 
Bloc: a Modern Core for Highly Dynamic Graphics
ESUG
 
Sistemas de Telecomunicações - Aula 07 - Sistema Telefônico Fixo e Sistema Te...
Leinylson Fontinele
 
Sistemas de Telecomunicações - Aula 06 - Estrutura da rede pública de Telecom...
Leinylson Fontinele
 
Ad

Similar to Native or External? (20)

PPT
12 symmetric key cryptography
drewz lin
 
PPTX
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
PDF
How does cryptography work? by Jeroen Ooms
Ajay Ohri
 
PPTX
Django cryptography
Erik LaBianca
 
PDF
Web cryptography javascript
Jose Manuel Ortega Candel
 
PPTX
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
PPTX
Rust Hack
Viral Parmar
 
PPTX
Secure erasure code based cloud storage system with secure data forwarding
Priyank Rupera
 
PDF
$kernel->infect(): Creating a cryptovirus for Symfony2 apps
Raul Fraile
 
PDF
Encryption Recap: A Refresher on Key Concepts
thomashtkim
 
PDF
Next Generation DevOps in Drupal: DrupalCamp London 2014
Barney Hanlon
 
PPTX
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
kadalisrikanth
 
PDF
OpenSSL programming (still somewhat initial version)
Shteryana Shopova
 
PPSX
comp security lab.ppsx
DesuWajana
 
PDF
introduction to jsrsasign
Kenji Urushima
 
PPT
Cryptography for Smalltalkers 2 - ESUG 2006
Martin Kobetic
 
PPTX
Introduction to InSpec and 1.0 release update
Alex Pop
 
PDF
Shellcode Disassembling - Reverse Engineering
Sumutiu Marius
 
PDF
Pulsar Summit Asia - Running a secure pulsar cluster
Shivji Kumar Jha
 
PDF
Computer network (4)
NYversity
 
12 symmetric key cryptography
drewz lin
 
Cryptography for Absolute Beginners (May 2019)
Svetlin Nakov
 
How does cryptography work? by Jeroen Ooms
Ajay Ohri
 
Django cryptography
Erik LaBianca
 
Web cryptography javascript
Jose Manuel Ortega Candel
 
Message Authentication using Message Digests and the MD5 Algorithm
Ajay Karri
 
Rust Hack
Viral Parmar
 
Secure erasure code based cloud storage system with secure data forwarding
Priyank Rupera
 
$kernel->infect(): Creating a cryptovirus for Symfony2 apps
Raul Fraile
 
Encryption Recap: A Refresher on Key Concepts
thomashtkim
 
Next Generation DevOps in Drupal: DrupalCamp London 2014
Barney Hanlon
 
Secureerasurecodebasedcloudstoragesystemwithsecuredataforwarding
kadalisrikanth
 
OpenSSL programming (still somewhat initial version)
Shteryana Shopova
 
comp security lab.ppsx
DesuWajana
 
introduction to jsrsasign
Kenji Urushima
 
Cryptography for Smalltalkers 2 - ESUG 2006
Martin Kobetic
 
Introduction to InSpec and 1.0 release update
Alex Pop
 
Shellcode Disassembling - Reverse Engineering
Sumutiu Marius
 
Pulsar Summit Asia - Running a secure pulsar cluster
Shivji Kumar Jha
 
Computer network (4)
NYversity
 

More from ESUG (20)

PDF
ShowUs: Pharo Stream Deck (ESUG 2025, Gdansk)
ESUG
 
PDF
Micromaid: A simple Mermaid-like chart generator for Pharo
ESUG
 
PDF
Directing Generative AI for Pharo Documentation
ESUG
 
PDF
Even Lighter Than Lightweiht: Augmenting Type Inference with Primitive Heuris...
ESUG
 
PDF
Composing and Performing Electronic Music on-the-Fly with Pharo and Coypu
ESUG
 
PDF
Gamifying Agent-Based Models in Cormas: Towards the Playable Architecture for...
ESUG
 
PDF
Analysing Python Machine Learning Notebooks with Moose
ESUG
 
PDF
FASTTypeScript metamodel generation using FAST traits and TreeSitter project
ESUG
 
PDF
Migrating Katalon Studio Tests to Playwright with Model Driven Engineering
ESUG
 
PDF
Package-Aware Approach for Repository-Level Code Completion in Pharo
ESUG
 
PDF
Evaluating Benchmark Quality: a Mutation-Testing- Based Methodology
ESUG
 
PDF
An Analysis of Inline Method Refactoring
ESUG
 
PDF
Identification of unnecessary object allocations using static escape analysis
ESUG
 
PDF
Control flow-sensitive optimizations In the Druid Meta-Compiler
ESUG
 
PDF
Clean Blocks (IWST 2025, Gdansk, Poland)
ESUG
 
PDF
Encoding for Objects Matters (IWST 2025)
ESUG
 
PDF
Challenges of Transpiling Smalltalk to JavaScript
ESUG
 
PDF
Immersive experiences: what Pharo users do!
ESUG
 
PDF
ChatPharo: an Open Architecture for Understanding How to Talk Live to LLMs
ESUG
 
PDF
Cavrois - an Organic Window Management (ESUG 2025)
ESUG
 
ShowUs: Pharo Stream Deck (ESUG 2025, Gdansk)
ESUG
 
Micromaid: A simple Mermaid-like chart generator for Pharo
ESUG
 
Directing Generative AI for Pharo Documentation
ESUG
 
Even Lighter Than Lightweiht: Augmenting Type Inference with Primitive Heuris...
ESUG
 
Composing and Performing Electronic Music on-the-Fly with Pharo and Coypu
ESUG
 
Gamifying Agent-Based Models in Cormas: Towards the Playable Architecture for...
ESUG
 
Analysing Python Machine Learning Notebooks with Moose
ESUG
 
FASTTypeScript metamodel generation using FAST traits and TreeSitter project
ESUG
 
Migrating Katalon Studio Tests to Playwright with Model Driven Engineering
ESUG
 
Package-Aware Approach for Repository-Level Code Completion in Pharo
ESUG
 
Evaluating Benchmark Quality: a Mutation-Testing- Based Methodology
ESUG
 
An Analysis of Inline Method Refactoring
ESUG
 
Identification of unnecessary object allocations using static escape analysis
ESUG
 
Control flow-sensitive optimizations In the Druid Meta-Compiler
ESUG
 
Clean Blocks (IWST 2025, Gdansk, Poland)
ESUG
 
Encoding for Objects Matters (IWST 2025)
ESUG
 
Challenges of Transpiling Smalltalk to JavaScript
ESUG
 
Immersive experiences: what Pharo users do!
ESUG
 
ChatPharo: an Open Architecture for Understanding How to Talk Live to LLMs
ESUG
 
Cavrois - an Organic Window Management (ESUG 2025)
ESUG
 

Recently uploaded (20)

PDF
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PPTX
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PDF
Hybrid model detection and classification of lung cancer
IAESIJAI
 
PDF
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
Unlock new opportunities with location data.pdf
Precisely
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PPTX
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
PDF
August Patch Tuesday
Ivanti
 
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
Modernising the Digital Integration Hub
Daniel Toomey
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
What is a Computer? Input Devices /output devices
GulJan8
 
Tartificialntelligence_presentation.pptx
ry7r52mzb4
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
A novel scalable deep ensemble learning framework for big data classification...
IAESIJAI
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
Hybrid model detection and classification of lung cancer
IAESIJAI
 
A Late Bloomer's Guide to GenAI: Ethics, Bias, and Effective Prompting - Boha...
Mindy Bohannon
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
NewMind AI Weekly Chronicles – August ’25 Week III
NewMind AI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Transform Your ITIL® 4 & ITSM Strategy with AI in 2025.pdf
PDCA Consulting
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Unlock new opportunities with location data.pdf
Precisely
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
August Patch Tuesday
Ivanti
 

Native or External?

  • 1. Native or External? Lessons learned implementing cryptography for VisualWorks Martin Kobetic Cincom Smalltalk Engineering ESUG 2011
  • 2. Let's implement SSL! DES, MD5, SHA, RSA, DSA, RC4, X.509, ASN.1, DER, ... * SSL 3.0, RSA, DES, RC4, basic X.509 (RSA only) * DH, DSA, + SSL integration, AES * X.509 on ASN.1, faster RSA (CRT),... * new ASN.1 (read/write), more X.509 * protocols/S (HTTPS, SMTPS,....)
  • 3. What is Cryptography hashes MD5, SHA1, SHA256, ... secret key (symmetric) ciphers AES, DES, RC4,... public key algorithms * signing (RSA, DSA, ECDSA) * encryption (RSA) * key agreement (DH, ECDH)
  • 4. Hashes - Native (MD5 hash: 'Hello') asHexString. buffer := ByteArray new: 16384. hash := SHA new. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash updateWith: buffer from: 1 to: read ]. ] ensure: [ file close ]. hash digest asHexString.
  • 5. Hashes - External buffer := ByteArray new: 16384. hash := Hash new algorithm: 'SHA1'; yourself. file := (ObjectMemory imageFilename withEncoding: #binary) readStream. [ [ file atEnd ] whileFalse: [ | read | read := file nextAvailable: buffer size into: buffer startingAt: 1. hash update: read from: buffer ]. hash finish asHexString ] ensure: [ file close. hash release ].
  • 6. Hashes - Xtreams ((ObjectMemory imageFilename reading hashing: 'SHA1' ) -= 0; close; digest ) asHexString
  • 7. Ciphers - Native message := 'Hello World!' asByteArrayEncoding: #ascii. key := 'Open Sesame!!!!!' asByteArrayEncoding: #ascii. ((ARC4 key: key) encrypt: message) asHexString. cipher := AES key: key. cipher := CipherBlockChaining on: cipher. iv := ByteArray new: 16 withAll: 1. cipher setIV: iv. cipher := BlockPadding on: cipher. (cipher encrypt: message) asHexString
  • 8. Ciphers - Speed megs := 100. buffer := ByteArray new: 1000. time := [ megs * 1000 timesRepeat: [ 1 to: buffer size do: [ :i | buffer at: i put: (buffer at: i) ]] ] timeToRun. megs asFloat / time asSeconds. time := [ self readWriteMegs: megs ] timeToRun. megs asFloat / time asSeconds
  • 9. Ciphers - External buffer := ByteArray new: message size + iv size. cipher := Cipher new. padding := iv size - (message size iv size). padding := ByteArray new: padding withAll: padding. [ | count | cipher algorithm: 'AES' mode: 'CBC' key: key iv: iv encrypt: true. count := cipher update: message size from: message into: buffer. result := buffer copyFrom: 1 to: count. count := cipher update: padding size from: padding into: buffer. result := result, (buffer copyFrom: 1 to: count). count := cipher finishInto: buffer. result, (buffer copyFrom: 1 to: count) ] ensure: [ cipher release ]
  • 10. Ciphers - Xtreams ((( ByteArray new writing encrypting: 'AES' mode: 'CBC' key: key iv: iv ) hashing: 'SHA1' ) write: message; write: padding; close; terminal ) asHexString
  • 11. Public Key - Native keys := RSAKeyGenerator keySize: 1024. keys publicKey. rsa := RSA new privateKey: keys privateKey. rsa useMD5. sig := rsa sign: message.
  • 12. Public Key - External key := PrivateKey RSALength: 1024. [ | digest | digest := (message reading hashing: 'SHA1') -= 0; close; digest. key sign: digest hash: 'SHA1' padding: 'PKCS1' ] ensure: [ key release ]
  • 13. Native - Pros * understanding and know-how * ease of use and deployment * automatically cross platform * easy integration * debugging
  • 14. Native - Cons * maintenance/evolution * security issues * speed * certification * hardware integration * export restrictions
  • 15. External - Pros * development cost (maybe) * evolves for free (hopefully) * speed * certification (possibly) * hardware integration (possibly)
  • 16. External - Cons * platform coverage * integration issues * support * FFI issues * brittleness
  • 17. Summary * seamless use * seamless deployment * platform coverage * capability coverage * extensibility * other constraints * certification/approved implementations * hardware support * performance