[ULS-SIG] Encryption and identity

Duncan McGreggor duncan.mcgreggor at gmail.com
Sun Jul 10 06:07:24 CEST 2011


On Sat, Jul 9, 2011 at 6:51 PM, Duncan McGreggor
<duncan.mcgreggor at gmail.com> wrote:
> Zooko and Brian,
>
> You guys are the first two people I think of when I start thinking
> about good security in Python code :-)
>
> I'm doing some experimentation with some of the concepts that underlie
> ultra large-scale systems... in particular, I'm exploring "governance"
> of nodes in an abstract network/mesh. I'm preparing to implement some
> voting procedures whereby nodes in a network can elect a leader node
> to act as a proxy between the other nodes and a larger network
> (limiting flooding, providing dynamic routing, etc.).
>
> This quickly led to concerns of rogue nodes, "stuffed ballot boxes",
> etc. The first experiments are toy: taking place in a single Python
> process. What mechanisms would you suggest I use to ensure that only
> known nodes are allowed to vote? My first thought was public/private
> keys generated by the nodes. Similarly, for encrypting data between
> nodes.
>
> I'd like to have the implementation be as light-weight as possible...
> eventually, this is the sort of thing that could go into masses of
> tiny devices, e.g., health and environment monitoring nodes in a
> hospital, carried on internal ventilation currents, attached to
> walls/clothing/etc, adhered to patients, etc.
>
> Are there good papers you would recommend reading? Blog posts? Source code?
>
> Thanks!
>
> d

A couple years ago, Alex Martelli recommended using pycrypto:
  http://stackoverflow.com/questions/1137874/recommended-python-cryptographic-module/1138183#1138183

I'm checking out the latest here:
  https://github.com/dlitz/pycrypto

From the README:

"""
Another application is in writing daemons and
servers.  Clients and servers can encrypt the data being exchanged and
mutually authenticate themselves; daemons can encrypt private data for
added security.  Python also provides a pleasant framework for
prototyping and experimentation with cryptographic algorithms; thanks
to its arbitrary-length integers, public key algorithms are easily
implemented.
"""

Thoughts anyone?

d
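
Added example, not part of the original message and not pycrypto code: a single-process sketch of the "only known nodes may vote" check asked about above, rejecting unenrolled nodes, forged ballots and repeat ballots. It assumes a pre-shared per-node HMAC key from the Python standard library as a stand-in for the public/private keys mentioned in the thread (with HMAC the tallying node holds every key and could forge ballots itself, which per-node signatures avoid); all names and sample node ids are hypothetical.

```python
import hashlib, hmac, json, secrets
from collections import Counter

def ballot_tag(key, election_id, node_id, candidate):
    # The election id binds the tag to one election, so old ballots cannot be replayed.
    msg = json.dumps([election_id, node_id, candidate]).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def make_ballot(key, election_id, node_id, candidate):
    tag = ballot_tag(key, election_id, node_id, candidate)
    return {"node": node_id, "candidate": candidate, "tag": tag}

class Tally:
    def __init__(self, election_id, keys):
        self.election_id = election_id
        self.keys = keys    # node_id -> key registry: the set of known nodes
        self.votes = {}     # node_id -> candidate, at most one entry per node

    def cast(self, ballot):
        key = self.keys.get(ballot["node"])
        if key is None:
            return "unknown node"
        good = ballot_tag(key, self.election_id, ballot["node"], ballot["candidate"])
        if not hmac.compare_digest(good, ballot["tag"]):  # constant-time compare
            return "bad tag"
        if ballot["node"] in self.votes:
            return "duplicate"
        self.votes[ballot["node"]] = ballot["candidate"]
        return "accepted"

    def leader(self):
        return Counter(self.votes.values()).most_common(1)[0][0]

def demo():
    # Constructed sample data: three enrolled nodes and one rogue key.
    k = {n: secrets.token_bytes(32) for n in ("n1", "n2", "n3")}
    t = Tally("round-1", k)
    rogue = secrets.token_bytes(32)            # key the tally never enrolled
    results = [
        t.cast(make_ballot(k["n1"], "round-1", "n1", "n2")),
        t.cast(make_ballot(rogue, "round-1", "n9", "n9")),    # unenrolled node
        t.cast(make_ballot(rogue, "round-1", "n3", "n9")),    # forged as n3
        t.cast(make_ballot(k["n3"], "round-1", "n3", "n2")),
        t.cast(make_ballot(k["n3"], "round-1", "n3", "n2")),  # stuffing attempt
    ]
    return results, t.leader()

if __name__ == "__main__":
    print(demo())
```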

