Kveynar - chiffre authentifie original (portage Python), par Memet Jakupi.
Project description
Kveynar — Python port
Author: Memet Jakupi — digital forensics researcher.
A faithful Python port of the reference Rust implementation. It reproduces
../rust/vectors/kat.json byte for byte (interoperability
test): a message encrypted by Rust decrypts in Python and vice versa.
The common specification is ../rust/SPEC.md; the honest security analysis
is in ../rust/DESIGN.md.
Warning
A home-grown cipher intended for educational / obfuscation / CTF use. Hardened and tested, but not publicly audited. Do not use it alone against a state-level adversary.
Performance note
This port favours readability, not speed. The KDF is memory-hard: at the default factor (2^17 = 16 MiB) it is slow in pure Python. For quick trials, lower the memory factor (
--mem 12orwith_work_factor(key, 12)). The Rust implementation remains the performant version.
Usage (library)
from kveynar import Kveynar, encrypt_decoy, decrypt_decoy
kv = Kveynar.with_work_factor("my private key".encode(), 12)
c = kv.encrypt("Pershendetje, bote!".encode())
assert kv.decrypt(c).decode() == "Pershendetje, bote!"
# associated data, text armor, source obfuscation
kv.encrypt_with_ad(b"body", b"public-header")
kv.encrypt_armored(b"data")
kv.obfuscate_source("def f(): return 42")
# "bare" container (no signature) and disguised armors
kv.encrypt_bare(b"looks like random bytes")
kv.encrypt_skin(b"data", "emoji") # or "mnemonic" / "drita"
# fortress mode (Gjarper + Bora cascade, 100% in-house)
fort = Kveynar.fortress_with_work_factor("key".encode(), 14)
# weak plausible-deniability decoy (two compartments; see ../rust/DESIGN.md section 8bis)
blob = encrypt_decoy(kv, b"real message", fort, b"decoy")
| Method | Description |
|---|---|
new(pass) / with_work_factor(pass, log2_mem) |
context (memory KDF factor) |
fortress(...) / fortress_with_work_factor(...) / set_cascade(bool) |
cascade mode |
encrypt / decrypt (+ _with_ad) |
binary .kvy container (AEAD) |
encrypt_with_params(pt, ad, kripa, fara) |
deterministic encryption (advanced/tests) |
encrypt_bare_with_params(pt, kripa, fara) |
deterministic bare encryption (advanced/tests) |
encrypt_bare / decrypt_bare |
headerless container, header whitened ⇒ byte-uniform (obfuscation only) |
encrypt_skin / decrypt_skin |
disguised armor (mnemonic / emoji / drita) |
encrypt_armored / decrypt_armored |
text output (Drita armor) |
obfuscate_source / deobfuscate_source (+ _bytes) |
code obfuscation |
encrypt_decoy / decrypt_decoy (module functions) |
weak plausible-deniability decoy |
Command line
python -m kveynar enc -k "my key" --mem 14 secret.txt -o secret.kvy
python -m kveynar enc -k "my key" --fortress secret.txt -o secret.kvy
python -m kveynar enc -k "my key" --bare secret.txt -o secret.kvy # bare container
python -m kveynar dec -k "my key" secret.kvy -o secret.txt # mode auto-detected
python -m kveynar obf -k "my key" --skin emoji app.py -o app.py.kvy
python -m kveynar deobf -k "my key" --skin emoji app.py.kvy -o app.py
Key also via --key-file <file> or the KVEYNAR_KEY environment variable.
Tests
# from the repository root
set PYTHONPATH=python & python -m unittest discover -s python/tests -t python # Windows cmd
PYTHONPATH=python python -m unittest discover -s python/tests -t python # bash
test_vectors.py proves byte-for-byte interoperability with Rust.
Structure
python/
kveynar/
__init__.py public API (Kveynar class) + bare/skin/decoy
_u64.py 64-bit arithmetic (mod 2^64)
_consts.py constants (forge, IV, RC, ODD, NUMS scalars, rotations, Drita alphabet)
_vala.py Vala permutation + sponge
_kdf.py Celesi (memory-hard KDF, Mundimi, Argon2id-like)
_gjarper.py invertible primary block
_bora.py second block (cascade mode)
_blockutil.py shared block helper (read4)
_cipher.py mode of operation + Vula MAC + container (+ bare)
_armor.py Drita base64 armor
_skin.py disguised armors (mnemonic / emoji)
_obfuscate.py source-obfuscation wrapper
_rng.py system randomness (os.urandom)
errors.py KveynarError exceptions
__main__.py CLI tool
tools/ gen_constants.py (NUMS constant generator/verifier)
tests/ test_vectors (KAT interop), roundtrip, tamper, nondeterminism,
min_mem, constants, deniable
examples/ basic, file_encrypt, obfuscate_source
pyproject.toml
License
MIT.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file kveynar-0.3.0.tar.gz.
File metadata
- Download URL: kveynar-0.3.0.tar.gz
- Upload date:
- Size: 24.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
4a874e234512d47237ccf6cd962463c33fa5092778448f73091a7790a5c398f5
|
|
| MD5 |
3fee7b17e315d17c6e084660ce5e7ae2
|
|
| BLAKE2b-256 |
e18020c0896d00a1b64ed46749483ef6c3fbc01b8d1e25ae4ab373276f123b7f
|
File details
Details for the file kveynar-0.3.0-py3-none-any.whl.
File metadata
- Download URL: kveynar-0.3.0-py3-none-any.whl
- Upload date:
- Size: 22.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9d087012c252fd4702e9d410d05223888c7c16d826d64758521ff522d29a9716
|
|
| MD5 |
4191c433cd9a47c50308dbb233326cb2
|
|
| BLAKE2b-256 |
8a2c876e2c6b39b212de8a99bef0ffda95df10d0225e05697d60c3c755b082d7
|