encryption (passwords)

[Gumuz]

I am quite a newbie regarding encryption stuff. There are some issues
boggling my head and I suppose these come from the fact that I have no clue
how to apply encryption in a real-life situation.

I am using network-sockets to communicate between two(or more) python
applications. I want to encrypt these messages, or at least a part of it
e.g. password and such.

My limited understanding of encryption tells me that I need a 'key' to
decrypt stuff. So I figure that this key will bey written(hard-coded?)
somewhere in my Python-script and it needs to be known at both sides in
order to encrypt and decrypt. Somehow, I can't believe this is true. I can't
get over the idea that if my application becomes open-source anyone could
see the key and decrypt my messages.

I am fairly certain that it probably doesn't work this way, but I have
really no idea. Cann someone clarify this for me?


thanx a lot,
Guyon