Skip to main content

UNKNOWN

Project description

This class implements a persistent dictionary using sqlite3 and encrypts the keys and the values of the dictionary in a way, that makes it very hard to bruteforce either the key or the values in the db.

example usage::
>>> from pcd import PersistentCryptoDict
>>> d=PersistentCryptoDict()
>>> print d
<pcd.PersistentCryptoDict instance at 0x8dcb54c>
>>> print d['my key']
None
>>> d['my key']='secret value'
>>> print d['my key']
secret value
>>> d['my key']='top secret value'
>>> print d['my key']
top secret value

Crypto

The key and the value in the dict is transformed according to the following algorithm (credit: dnet):

Setting values

  1. we calculate they keyhash - a hmac-sha512(salt,key)
  2. we split the key in half, the first half as a hexdigest (ascii), the second we keep as a binary
  3. we use the second binary half from step 2 of the keyhash to encrypt the value
  4. we use the ascii keyhash from step 2 as a key to the database, and the value is the encrypted result from step 3.

Getting values

  1. we calculate they keyhash - a hmac-sha512(salt,key)
  2. we split the key in half, the first half as a hexdigest (ascii), the second we keep as a binary
  3. we query the database using the ascii keyhash from step 2 as a key
  4. we use the second binary half from step 2 of the keyhash to decrypt the value

The database contains only the following pairs of data:

(hmac-sha512(key, salt).hexdigest()[:64], # key aes256-ofb(hmac-sha512(key, salt).digest()[32:], value)) # value

we diligently obey Schneier’s law: https://www.schneier.com/blog/archives/2011/04/schneiers_law.html, and thus we would consider the task to retrieve any meaningful data without huge rainbow tables from such a database a futile task. :)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
persistent_crypto_dict-0.4.3-py2.7.egg (5.5 kB) Copy SHA256 hash SHA256 Egg 2.7 Feb 4, 2013
persistent_crypto_dict-0.4.3.tar.gz (3.6 kB) Copy SHA256 hash SHA256 Source None Feb 4, 2013

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page