Encryption

Does anyone know of an encryption function/script for Python?

Python is great for encyption and the md5 module makes it so easy! You can use the md5 like this:

import md5
md5.new('hey').digest()

or

import md5
m = md5.new()
m.update("hey")
m.digest()

md5 is definatly my favourate way of ecryping data although there are several ways do do it.

Mark

This isn't quite what I was looking for. Let me be more specific. I'm looking for a script/module/function in python that works something like this:

(pseudo-code)
import encryptx
a = "text to be encrypted"
b = "password/key"
c = encryptx(a, b)
# a has been encrypted as c with b as the password/key

d = decryptx(c, b)
#c has been decrypted as d with b as the password/key

If your using Unix (and Linux?) you can use the crypt() function, have a look at the Python documentation.

What are you trying to do exactly, It sounds like some kind of login script? I wrote a CGI login script in Python a little while ago if this is what your doing I could give you an example. It uses md5 but it does the job!!!

Mark.

I am trying to create an encrypted journal, and I'm looking for a cross-platform solution. I did find one solution, ezPyCrypto, but it refuses to install.

Ah, that could be a slight prob. Why not write you own? I mean, its not that hard.. you can create a basic encryption by using translate, change a for be or something similar and then you could decrypt it easily. also if you use several layers of translation that would make it more secure, and by distributing only the .pyc file only you will have the key (if your going to distribute that is).

Is it for personal use or a production project?

Sos, can't really help you there, I'll look into it and if I do think of anything else I'll definatly let you know.

Mark

After a little searching I found the Python Cryptography Toolkit (http://www.amk.ca/python/code/crypto.html)
After a few hours of trial and error and learning I figured it out and have developed a solution that fits my needs. I send the text through ROT13, then XOR, and finally I generate a SHA fingerprint to check the file against when it is decrypted. The toolkit is great and it can be mastered in about a day. It's quite powerful and contains many ciphers. I highly recommend it to anyone who needs to use encryption in Python.

PYTHON ROCKS!

Hi BlackMamba, I've been planning on doing the same thing (a passworded journal) for a while and I'm sure there must be plenty of people who'd find a utility like that handy.
My thought was to make the journal (and the encryption) a command line utility and then add an aqua interface to it.

Will you be keeping this project to yourself or will you consider opening it up and sharing the source code and/or work load?

I'd be happy to open the code to my program. If you or any1 else is interested, drop me a line at:
krebert at mindspring.com

So far, the code includes a couple encryption and hashing functions, and a basic text interface.

When using the md5 module... how do you decrypt the digest?

also... is it possible to simply write the digest to file and read it in later and decrypt it?

thanks

Unfortunatly md5 is a one way encryption, so you wont be able to decrypt your digest sorry . You can store it as you would any other string, and read it in for comparisons i.e. a passwords

Mark.

oh i get it, you can never decrypt it, but you can compare the digest to another to test for equality?

that could be very very usefull

thanks

You got it, comparison but not decryption

Mark.

Ahh, I hope this isn't very secure stuff, I mean ROT13 and XOR do not exactly stand up to even the most basic cryptanalysis.
The whole thing could be bruteforced in max a couple of minutes on a regular pentium III. If you want strong encryption use something like blowfish, Java has some awesome libraries, specifically the javax.crypto library with good examples too.

Just a note, MD5 is not encryption, it's a cryptographically secure hash. As said it's one way, it's a fingerprint of the data, the whole point is it's incredibly difficult (read impossible) to reconstruct the data which generated the hash. Remember that anyone can do MD5, which means anyone can generate a valid MD5 hash for a given piece of data, it's not tied to a key.

Cheers,
Benjamin

Whitelines, nearly any encrpytion can be bruitforced pretty easily, if you have the capability to generate that encryption in the first place and a large enough dictionary! Which is why we pick passwords carefully