473,725 Members | 2,281 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Encryption with Python?

I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? Any
modern block cipher will do: AES, Blowfish, etc. I'm not looking for
public key stuff; I just want to provide a pass-phrase.

I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago. The most promising package
is A.M. Kuchling's Python Cryptography Toolkit
(http://www.amk.ca/python/code/crypto.html).

Is this the defacto Python encryption solution? What does everyone
else use? Any other suggestions? The SSLCrypto package
(http://www.freenet.org.nz/python/SSLCrypto/) may be a good alternative
too, but I am not sure if it is actively maintained.

Thanks,
Blake

Jul 19 '05 #1
34 4104
Bill Gates us MD5. Hah!
Sorry. :-)

Blake T. Garretson wrote:
I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? Any
modern block cipher will do: AES, Blowfish, etc. I'm not looking for
public key stuff; I just want to provide a pass-phrase.

I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago. The most promising package
is A.M. Kuchling's Python Cryptography Toolkit
(http://www.amk.ca/python/code/crypto.html).

Is this the defacto Python encryption solution? What does everyone
else use? Any other suggestions? The SSLCrypto package
(http://www.freenet.org.nz/python/SSLCrypto/) may be a good alternative
too, but I am not sure if it is actively maintained.

Thanks,
Blake


Jul 19 '05 #2
"Blake T. Garretson" <bl************ *@gmail.com> writes:
I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? Any
modern block cipher will do: AES, Blowfish, etc. I'm not looking for
public key stuff; I just want to provide a pass-phrase.
http://www.nightsong.com/phr/crypto/p3.py

It uses SHA1 in OFB mode and is fairly fast for a pure Python function.
I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago. The most promising package
is A.M. Kuchling's Python Cryptography Toolkit
(http://www.amk.ca/python/code/crypto.html).


Nice toolkit, more flexible and powerful than p3.py, but also more
complicated.
Jul 19 '05 #3
Blake T. Garretson wrote:
I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago.
a lack of recent releases can also mean that they just work...
Is this the defacto Python encryption solution? What does everyone
else use? Any other suggestions?


http://sandbox.rulemaker.net/ngps/m2/

is actively maintained, as far as I can tell.

you might also be able to find some useful stuff inside:

http://trevp.net/tlslite/

(see the utils package for a pure-python AES implementation)

</F>

Jul 19 '05 #4
In article <7x************ @ruckus.brouhah a.com>, Paul Rubin wrote:
"Blake T. Garretson" <bl************ *@gmail.com> writes:
I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago. The most promising package
is A.M. Kuchling's Python Cryptography Toolkit
(http://www.amk.ca/python/code/crypto.html).


Nice toolkit, more flexible and powerful than p3.py, but also more
complicated.

There's also http://www.freenet.org.nz/ezPyCrypto/ , built on top of
PyCrypto
-Steve
Jul 19 '05 #5
Blake T. Garretson wrote:
I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? Any
modern block cipher will do: AES, Blowfish, etc. I'm not looking for
public key stuff; I just want to provide a pass-phrase.


There's a pure python Blowish implementation at:
http://bofh.concordia.ca/blowfish.py

(It looks like you'll have to divide your data in 8 byte blocks
yourself, and pad the last block)
Jul 19 '05 #6
Blake T. Garretson wrote:
I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? Any
modern block cipher will do: AES, Blowfish, etc. I'm not looking for
public key stuff; I just want to provide a pass-phrase.

I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago. The most promising package
is A.M. Kuchling's Python Cryptography Toolkit
(http://www.amk.ca/python/code/crypto.html).

Is this the defacto Python encryption solution? What does everyone
else use? Any other suggestions? The SSLCrypto package
(http://www.freenet.org.nz/python/SSLCrypto/) may be a good alternative
too, but I am not sure if it is actively maintained.

Thanks,
Blake


There's a DES implementation at

http://home.pacific.net.au/~twhitema/des.html
Jul 19 '05 #7
I rolled my own for relatively short sequences, like passwords. The key is
an integer. To decrypt use the negative encryption key. I consider the
encryption unbreakable, as it is indistinguishab le from a random sequence.

Frederic

###

def crypt (sequence, key):
import random
sign = (key > 0) * 2 - 1
random.seed (abs (key * sign))
s = ''
for i in xrange (len (sequence)):
r = random.randint (0, 255)
s += chr ((ord (sequence [i]) + r * sign) % 256)
return s

###

If unauthrorized use of the machine is a concern, crypt might not be an
appropriate name for the function. To help an intruder understand it, a doc
string such as the following one might be useful:

def cyrep (sequence, key):

"""
Cyclic Redundancy Preprocessor
Cyclic redundancy checks often fail to differentiate relatively
short
sequences that contain sequences of binary zeroes of different
length.
This preporcessor applies a keyed randomizing filter to improve the
capability of the cyclic redundancy algorithm. Use the output of
this
function as input to a CRC routine.
Negative keys cannot be used. If passed they are positivized
rather
than rejected.
"""

###

----- Original Message -----
From: "Blake T. Garretson" <bl************ *@gmail.com>
Newsgroups: comp.lang.pytho n
To: <py*********@py thon.org>
Sent: Thursday, May 05, 2005 10:20 PM
Subject: Encryption with Python?

I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? Any
modern block cipher will do: AES, Blowfish, etc. I'm not looking for
public key stuff; I just want to provide a pass-phrase.

I found a few modules out there, but they seem to be all but abandoned.
Most seem to have died several years ago. The most promising package
is A.M. Kuchling's Python Cryptography Toolkit
(http://www.amk.ca/python/code/crypto.html).

Is this the defacto Python encryption solution? What does everyone
else use? Any other suggestions? The SSLCrypto package
(http://www.freenet.org.nz/python/SSLCrypto/) may be a good alternative
too, but I am not sure if it is actively maintained.

Thanks,
Blake

--
http://mail.python.org/mailman/listinfo/python-list


Jul 19 '05 #8
"Anthra Norell" <an***********@ tiscalinet.ch> writes:
I rolled my own for relatively short sequences, like passwords. The
key is an integer. To decrypt use the negative encryption key. I
consider the encryption unbreakable, as it is indistinguishab le from
a random sequence.


You're using the built-in random module which is designed to provide
only statistical randomness and not cryptographic security. It should
not be used for encryption. The math paper describing the function is
quite clear about that. There is a lot of subtlety to this stuff and
it's easy to make mistakes even if you know what you're doing. Even
using well-tested block ciphers (various people mentioned DES, AES,
and Blowfish modules) it's easy to make mistakes in choosing operation
modes, thinking you don't need authentication when you really do,
etc., etc. The book "Practical Cryptography" by Bruce Schneier and
Niels Ferguson is worth looking at if you want to see what you're
getting yourself into.

I hate to come across as plugging my own stuff too much, but

http://www.nightsong.com/phr/crypto/p3.py

is designed to take care of most of the tricky issues for you while
still having a very simple interface, and also be reasonably fast
(much faster for large messages than any of the pure Python block
cipher modules). Just use p3_encrypt(plai n) to encrypt and
p3_decrypt(ciph er) to decrypt. The main penalty you pay is that the
ciphertext is a couple dozen bytes longer than the plaintext. There
are cryptographical ly important reasons for that; don't try to escape
it without knowing exactly what's going on.
Jul 19 '05 #9
Anthra Norell wrote:
I rolled my own for relatively short sequences, like passwords. The key is
an integer. To decrypt use the negative encryption key. I consider the
encryption unbreakable, as it is indistinguishab le from a random sequence.

Frederic

###

def crypt (sequence, key):
import random
sign = (key > 0) * 2 - 1
random.seed (abs (key * sign))
s = ''
for i in xrange (len (sequence)):
r = random.randint (0, 255)
s += chr ((ord (sequence [i]) + r * sign) % 256)
return s


The mind boggles.

You do realize that if I have two ciphertexts encrypted with the same
key, I can subtract them? Then I have a sequence, that while not
immediately readable, is just a straightforward combination of the two
plaintexts without any encryption.

This function is also vulnerable to a chosen-plaintext attack. The
underlying PRNG is definitely not suitable for cryptographic
applications. The documentation even says so!

http://docs.python.org/lib/module-random.html
"However, being completely deterministic, it is not suitable for all
purposes, and is completely unsuitable for cryptographic purposes."

Do yourself a favor and don't try to roll your own cryptographic
functions. Do everyone else a favor and don't call something
"unbreakabl e" unless you actually have the domain expertise to make that
determination.

And do read _Practical Cryptography_.

--
Robert Kern
rk***@ucsd.edu

"In the fields of hell where the grass grows high
Are the graves of dreams allowed to die."
-- Richard Harter

Jul 19 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

38
2895
by: Anthony Baxter | last post by:
On behalf of the Python development team and the Python community, I'm happy to announce the release of Python 2.3.1 (final). Python 2.3.1 is a pure bug fix release of Python 2.3, released in late July. A number of obscure crash-causing bugs have been fixed, various memory leaks have been squished, but no new features have been added to the language or to the library. For more information on Python 2.3.1, including download links for...
12
1819
by: John Burton | last post by:
One of the reasons I like python so much is that the standard installation comes with a whole lot of libraries to do lots of useful things but there seem to be a few things missing from the standard library which would be useful in many projects: Encryption - AES and 3DES. Possibly RSA and Certificate processing. DNS - Something better than gethostbyaddr for looking up other record types. Database - Something suitable for small projects...
4
3524
by: Daniel Orner | last post by:
Hello, I'm working on a project that consists of a Java application on the desktop, and a server with Python CGI code. I'm trying to find an encryption algorithm, which would let me send encrypted information to the server, to work identically in both Python and Java. (I.e. which would let me encrypt data in Java, send it to the Python server, and decrypt it there.) For various reasons, I don't want to use the built-in Java encryption...
22
3229
by: Kamilche | last post by:
I've looked at a few alternatives for encryption with Python, and didn't come up anything very speedy. I've written an encryption algorithm in pure Python that can process 22 megs of data a second. I know it's not secure, but it should be enough to ward off casual hacking. Does someone know of something speedier? --Kamilche
4
4965
by: drs | last post by:
Hi, I need to send secure data over an insecure network. To that end, I am needing to encrypt serialized data and then decrypt it. Is there a builtin way to do this in Python? MD5, SHA, etc encrypt, but I am not seeing a way to get back my data. Encryption is totally new to me, so any pointers of what to read up on would be appreciated. As a side note, I understand that I could use https, but this would involve changing things that I...
3
1443
by: dirvine | last post by:
HI hope you can help (know you can). I am looking for a very strong AIS or better symetrical encryption in python. Any suggestions ideas welcome. I have spent a lot of time looking everywhere at pycrypto and many others but is a wee bit of a minefield out there. Anyone have any experience of a true encryption (not xor or anything weak). I am looking for something strong enough to encrypt your credit card info and publish file on website...
5
6774
by: Michael Sperlle | last post by:
Is it possible? Bestcrypt can supposedly be set up on linux, but it seems to need changes to the kernel before it can be installed, and I have no intention of going through whatever hell that would cause. If I could create a large file that could be encrypted, and maybe add files to it by appending them and putting in some kind of delimiter between files, maybe a homemade version of truecrypt could be constructed. Any idea what it...
1
1829
by: Robert Blass | last post by:
I am looking to get my feet wet with encryption. When I say encryption program I am talking about something to get me off to a quick start. Something very simple, far less than the 40+ bit encryption code. What I need is an easy to understand language choice. I've used BASIC a long time ago but is there another language that is better and more supported? There seems to be hundreds of languages so it's hard for me to just pick one.
5
9523
by: Netwatcher | last post by:
well, i started messing around with dictionaries, yet, most of the pages i found about them always talk about getting only one word out of it and turning it vice versa, i've been playing with that code for a few hours: #dics Encryption={',':'hy{;',' ':'h4x0r2','':'zomg','?':'bko','a':'ika','b':'d0v','c':'ino', 'd':'maw', 'e':'aon', 'f':'que', 'g':'kip', 'h':'an', 'n':'ko print lol except KeyError: print 'These...
0
8874
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
0
8748
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9248
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
0
9092
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
0
8072
agi2029
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
0
6000
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
4506
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
2
2622
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2151
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.