Questions about encryption
The One and Only Real True Fluffy That Wouldn't Die
ftc at meowing.net
Mon Sep 11 01:00:05 EDT 2000
gustafl at algonet.se (Gustaf Liljegren) writes:
> I found myself needing encryption for a file with user info, but know
> almost nothing about the principles, so here's some very basic questions
> about encryption in Python. Links for getting started with encryption
> understanding is also appreciated. But no specs please. :-)
>
> 1. The Library describes how to encrypt strings using for example the md5
> and sha modules, but I find no information about decrypt the same strings!
Briefly, you can't. MD5 and SHA are one-way hashes, a form of
checksum. These are useful to verify the integrity of files, or to
check passwords, or for digital signatures, but not for what you want
to do.
> The rotor module seem to handle decryption too, but also seem more
> complicated to use.
It's also probably not what you want if the data you want to encrypt
has real value. If your application is, say, a game or a simple
keep-the-honest-folks-honest kind of thing, it's probably fine, but...
"Stock" solutions for stronger encryption do exist, but weird
import/export regulations have traditionally made it hard for
something like Python to include them (the main culprit in this mess
has been the US government, which finally dropped most of the pretense
this year). There is third-party stuff out there that you can use;
the m2crypto module is likely to be of help. Try seaching for
"encryption" at <URL:http://www.vex.net/~x/parnassus/> for pointers to
this and lots of related stuff.
A few on-line resources for background information include:
<URL:http://www.ssh.fi/tech/crypto/>
<URL:http://theory.lcs.mit.edu/~rivest/crypto-security.html>
<URL:http://www.cs.purdue.edu/coast/hotlist/>
> 2. Is it possible to encrypt a file from one script and decrypt it from
> another?
Sure, just as long as both have access to the right keys. (How that's
done will depend on the library you choose to use.)
> 3. The two scripts in question use dictionaries as datatypes internally.
> Does an encyption feature suggest a choise of another datatype, or can the
> conversion between string <-> dictionary be easily accomplished?
Strings would be most convenient. See the pickle, cPickle and shelve
modules that come with Python for a straightforward solution.
More information about the Python-list
mailing list