[Tutor] Need help with encoder & decryption keys
Chris Fuller
cfuller084 at thinkingplanet.net
Sat Mar 1 18:13:08 CET 2008
On Friday 29 February 2008 16:30, Trey Keown wrote:
> Hey all,
> Been away for a while. So, I'm in the process of making a program for
> encrypting and decrypting strings of text. And I was wondering how it
> would be possible to perhaps keep keys in a .pyc file, and keep them
> from being isolated, and messages being intercepted. So... is it
> possible to decompile things within a .pyc file?
> This isn't for any serius project, just me attempting to make something
> to prove that I can do it.
>
> Thanks for any help.
>
> _______________________________________________
> Tutor maillist - Tutor at python.org
> http://mail.python.org/mailman/listinfo/tutor
The best you can do is to make it tricky to reverse engineer. Same goes for
compiled code or assembly, only those are admittedly closer to the "bare
metal". Java and C# Care also "byte-compiled" languages, and I think Java
has some security features, although I don't know what they are.
Don't use a fixed constant. Compute the key, and spread the dependencies
around. You could mix in a deterministic random number generator.
Of course, this is all useless if your program can be inspected while its
running. It's impossible, in principle, really, when the recipient of the
secret message and the eavesdropper are the same entity.
Still, unless you have determined adversaries, it won't be worth the trouble.
Plenty good enough for casual use, but don't bet national security on it or
anything.
Cheers
More information about the Tutor
mailing list