RSA with PyCrypto
Tommy Lindgren
tomyltomyl at linuxlinux.nu
Thu Dec 12 11:22:48 EST 2002
Paul Rubin <phr-n2002b at NOSPAMnightsong.com> writes:
> Tommy Lindgren <tomyltomyl at linuxlinux.nu> writes:
> > I am writing a P2P instant messenger and I would to like to encrypt
> > the messages using a symmetric crypto (DES3) and encrypt the DES3-key with
> > an asymmetric crypto (RSA). PyCrypto seems nice for this task, but I don't
> > understand how the RSA instances are supposed to exchange public keys.
>
> You may be better off just running an unencrypted protocol through an
> SSH or SSL tunnel. Getting cryptographic protocols correct is
> extremely hard even if you know what you're doing. SSL3 exists
> because SSL2 had security bugs even though both were designed by
> experts. SSL2 in turn existed because SSL1, also designed by experts,
> also had bugs.
Thanks for sharing your thoughts! I have considered using both SSH and
SSL(/XMLRPC), but
1) I didn't really want my IM to depend on ssh(d).
2) I didn't understand how to use/generate the SSL cerificates (okay,
I believe this can be done transparent somehow, I haven't found
any good examples/docs yet).
3) even if I use a SSL tunnel the messages must be encrypted, since I
want to make it possible for friends to relay/store each others
messages (if A wants to send a message to B, who is offline, A can
send it instead to B's friends, who can send it to B when B comes
online (in case A would be offline then)).
At the moment I plan to make the procotol itself non-cryptographic and
just encrypt the messages. I do this just for fun so it isn't that
important to get everything right from the beginning.
> Nonetheless, here's docs for something I wrote a while back that might
> be of interest:
>
> http://www.nightsong.com/phr/python/crypto.txt
*taking notes*
--
Tommy Lindgren | o y @ i u . u
41A942131CAA5C | t m l l n x n
^C^C
More information about the Python-list
mailing list