Protecting Source Code

John Wilson tug at wilson.co.uk
Fri May 9 08:37:02 EDT 2003


There are several solutions. One that I have used is the Dallas
Semiconductor Crypto iButton (http://www.ibutton.com/ibuttons/java.html).
The private key is held on the tamper proof token and *never* appears in the
memory of the computer. The decryption occurs on the iButton and the
cleartext comes back. The button can be programmed to destroy the private
key after a set date, it runs its own clock off its own internal battery.

iButtons are very easy to work with. Dallas has a pretty good C interface
library and Google shows that several people have done Python wrappers.

John Wilson
The Wilson Partnership
http://www.wilson.co.uk


----- Original Message ----- 
From: "Peter Hansen" <peter at engcorp.com>
Newsgroups: comp.lang.python
To: <python-list at python.org>
Sent: Friday, May 09, 2003 1:15 PM
Subject: Re: Protecting Source Code


> John Wilson wrote:
> >
> > Could you not encrypt the .pyc files and use a custom importer to
decrypt
> > them on the fly?
> >
> > Key management then becomes the issue but there are various approaches
to
> > that problem depending on your level of paranoia.
>
> Where do you plan to store the decryption key that it will not be
> visible to the same prying eyes?  This idea doesn't fly.






More information about the Python-list mailing list