simple symetric encryption advice

[Josiah Carlson]

David Bear <iddwb at moroni.pp.asu.edu> wrote:
> 
> I would like some advice on what crypto lib to use. I am writing a cgi
> app that will store sensative data in a backend postgresql server. I
> have some simple numeric data I would like to make as safe as
> possible, without too much overhead.
> 
> The goal would be to store the information in a simple reversable
> encrypted form. The encryption key would live only in the python app
> that was accessing the data. So perhaps there are two general
> questions that could be asked.
> 
> 1) has anyone else done this, and was it worth the extra overhead in
> terms of data security.. yes, I know the system will only be as secure
> as the python code.
> 
> 2) more important to me, what crypto lib would make sense to use. I
> was looking at using symetric key ciphers because the data will need
> to be decrypted as well. I looked at the rotor class but there's a big
> note that it has been deprecated.. Anyone have a recommendation as to
> something better?
> 
> by better I would mean: 1) something reasonably fast, (retreiving 1000
> tupples of something should require much time to decrypt) 2) something
> that the code is fairly well reviewed and tested -- (I know all python
> modules are well reviewed and tested, but there must be some modules
> that are more equal than others;)).

Check out the pure Python TLS Lite and its AES or RC4 ciphers (no
worries about compilation). They should be reasonable for most tasks,
and if you need more speed, There's always using PyCrypto, OpenSSL and
Cryptlib.

 - Josiah