[IPython-dev] pyzmq authentication

Jason Grout jason-sage at creativetrax.com
Wed Jun 1 19:35:17 EDT 2011


On 6/1/11 6:04 PM, Jason Grout wrote:
> For example, we
> could send a hash of the concatenation of the shared secret and the
> content of the message.

Of course, as aptly stated by khrafra [1] and many others, it's always 
better to use the prebuilt libraries to do signing.  Here are two 
standard modules that could do authentication:

Standard Python module: http://docs.python.org/library/hmac.html

Google Keyczar: http://www.keyczar.org/

Thanks,

Jason


[1] 
http://www.reddit.com/r/netsec/comments/attt2/dont_hash_secrets/c0jdilj 
: Haha.. you fool! You fell victim to one of the classic blunders. The 
most famous is: Never get involved in a land war in Asia. But only 
slightly less famous is this: Never attempt to roll your own crypto when 
there's a well-tested library that'll do it better!



More information about the IPython-dev mailing list