Questions about encryption

Sun Sep 10 21:11:46 EDT 2000

On 10 Sep 2000 23:34:55 GMT, Gustaf Liljegren <gustafl at algonet.se>
wrote:

>I found myself needing encryption for a file with user info, but know
>almost nothing about the principles, so here's some very basic
>questions about encryption in Python. Links for getting started with
>encryption understanding is also appreciated. But no specs
>please. :-)

I'm no cryptographer but I learned a lot from Bruce Schneier's book
Applied Cryptography (ISBN 0471117099). He's one of the people behind
Counterpane (www.counterpane.com). I expect that you would find
various things on their site worth reading, perhaps especially his
essay, "Why Cryptography Is Harder Than It Looks" which is at:

http://www.counterpane.com/whycrypto.html

>1. The Library describes how to encrypt strings using for example the
>md5 and sha modules, but I find no information about decrypt the same
>strings!

That's because there isn't any way to decrypt them. Those are intended
to be one-way functions: pretty easy to apply to text and
mathematically very hard to reverse. If you manage to find a way to
reverse one quickly, you'll be very famous until the black helicopters
get to you <wink>. When those functions are used in ways that make it
seem that data is being decrypted with them, what's generally
happening is that they're applied separately to two strings of bytes
and the resulting values are compared.

>The rotor module seem to handle decryption too, but also seem more 
>complicated to use.

I haven't used that module myself, but it would have to be more
complex since it's actually able to do decryption. I'm sure that the
rotor module is not intended to provide strong encryption by modern
standards. After all, the Polish and British governments had some
success breaking the system the module was inspired by during the
1940s. It may be perfectly satisfactory for your purposes but only you
can decide that.

There are other Python crypto resources available. You probably would
find the Encryption/Encoding section of the Valuts of Parnassus
useful:

http://www.vex.net/parnassus/apyllo.py?i=94738404

>2. Is it possible to encrypt a file from one script and decrypt it from 
>another?

Yes, certainly. The trick will be to provide both scripts with the key
in a secure manner or to use some kind of public-key cryptography and
provide the decrypting script with the private key in a secure
manner. For a summary of public key cryptography, you might want to
see:

http://csrc.nist.gov/nistpubs/800-7/node49.html

You may find that it's just as easy to keep the information secret in
the first place as it is to keep the keys secret.

>3. The two scripts in question use dictionaries as datatypes
>internally. Does an encyption feature suggest a choise of another
>datatype, or can the conversion between string <-> dictionary be
>easily accomplished?

Encryption algorithms generally just process a stream of bytes. If the
dictionary contents are strings, you could encrypt the strings.
Otherwise you might want to use the pickle or marshal modules to
convert the dicts to strings and then encrypt and decrypt those
strings.

Regards,
Matt