UNKNOWN
Project description
This class implements a persistent dictionary using sqlite3 and encrypts the keys and the values of the dictionary in a way, that makes it very hard to bruteforce either the key or the values in the db.
- example usage::
>>> from pcd import PersistentCryptoDict >>> d=PersistentCryptoDict() >>> print d <pcd.PersistentCryptoDict instance at 0x8dcb54c> >>> print d['my key'] None >>> d['my key']='secret value' >>> print d['my key'] secret value >>> d['my key']='top secret value' >>> print d['my key'] top secret value
Crypto
The key and the value in the dict is transformed according to the following algorithm (credit: dnet):
Setting values
we calculate they keyhash - a hmac-sha512(salt,key)
we split the key in half, the first half as a hexdigest (ascii), the second we keep as a binary
we use the second binary half from step 2 of the keyhash to encrypt the value
we use the ascii keyhash from step 2 as a key to the database, and the value is the encrypted result from step 3.
Getting values
we calculate they keyhash - a hmac-sha512(salt,key)
we split the key in half, the first half as a hexdigest (ascii), the second we keep as a binary
we query the database using the ascii keyhash from step 2 as a key
we use the second binary half from step 2 of the keyhash to decrypt the value
The database contains only the following pairs of data:
(hmac-sha512(key, salt).hexdigest()[:64], # key aes256-ofb(hmac-sha512(key, salt).digest()[32:], value)) # value
we diligently obey Schneier’s law: https://www.schneier.com/blog/archives/2011/04/schneiers_law.html, and thus we would consider the task to retrieve any meaningful data without huge rainbow tables from such a database a futile task. :)
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for persistent_crypto_dict-0.4.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8264637f2607597a440e1f6f419e5673da019bda1b2cb8a75fb581c1b5a090de |
|
MD5 | c5f5f6135db56ca6f8cf7c3d75b1765f |
|
BLAKE2b-256 | 40720c5893886e24f7c4ee63c6229f2dec4bd8b0abb48e62c6b06a4cd05e1ec8 |
Hashes for persistent_crypto_dict-0.4.2-py2.7.egg
Algorithm | Hash digest | |
---|---|---|
SHA256 | b9c03d35e221a529baee0f6a55254d5265e445b8d5944fc8e8c3f8a93dadb2bb |
|
MD5 | 750fc16734c41f6ea156bda112c94dbc |
|
BLAKE2b-256 | fc41c2aaa5539babc8ced8ebe49bd9b03f50fb88f83f5241aa42b4765efa9dc5 |