Cryptography tools for python 3

StackOverflow https://stackoverflow.com/questions/4583274

Question

I'm writing a program in python 3 which needs encryption functions (at least aes and rsa). I've found PyCrypto which seems to work only on 2.x versions.

Is there any good tool available for python 3 or should I rather start translating my program to be compatible with python 2 (or any other solution) ?

Thank you

Update as mentioned below, PyCrypto is now available on py3k

Was it helpful?

Solution

PyCrypto 2.4.1 and later now work on Python 3.x (see changelog diff).

OTHER TIPS

Although Python 3 itself is ready for primetime, the lack of libraries that support it is a hindrance. The best you can do is of course to help port PyCrypto to Python 3, although as it has a lot of C-extension modules that is probably not entirely trivial, and will be a couple of days work, I would think. Maybe the current maintainer is interested in porting or already half-way there, you should contact him and ask.

There is an rsa module written in Python which looks to have fairly clean and easily portable code, but for aes it seems like PyCrypto is the module to use. So it is probably easier to make your software run under Python 2 instead.

Crytographic Libraries are mostly numeric calculations and I don't know why py3k versions are not available yet.

  1. Here is pyDES available for Python 3.
  2. Here is AES algorithm implementation in Python 3. Ported from this py2k version
  3. Here is RSA algorithm implementation in Python 3. I ported it from this py2k version.

Please use them with caution as they just development programs implemented following the algorithm text. (That is, I am not sure of the rigor in the original python2 version). Also, all of them are pure python libraries, they would be slower than anything written using C-extensions ( and perhaps that is the reason, why py3k versions are getting delayed).

i have written a wrapper library simple-crypt that provides encryption and decryption in python 3, delegating the work to pycrypto.

advantages of using this over pycrypto directly include:

  • much simpler interface:

    data = encrypt(password, text)
text = decrypt(password, data).decode('utf8')

  • key expansion to make the use of passphrases more secure

  • use of an hmac to check for modification of the data

  • a versioned header that should allow me to switch the implementation to google's keyczar once that moves to python 3 (since that should be better maintained - i only wrote this out of apparent necessity).

you can install the package using:

easy_install simple_crypt

more info available on the github page for the project.

I'm not aware of any reasonable crypto library for python (regardless of the version). Everything I'm aware of (including pycrypto) is just a toy. If you want to implement a serious application then you should look for a wrapper to a real library such as m2crypto. Pycrypto itself does follow many standards. Especially, RSA needs a good padding scheme to be secure. Since pycrypto is at least currently not using a padding, this makes its RSA implementation both rather insecure and incompatible with other crypto libraries.

Answer to Martins question: Obviously this question is open to a lot of opinions. One proposal would be to use Java instead of python. Java has a well defined cryptographic interface, and there are different providers that implement the interface. This has the rather big advantage, that one can implement a solution independent of the provider, so that one can easily switch between different providers. I personally like openssl, but I'm aware that it is rather difficult to use.

Here is a Python3 library for cryptography research from Johns Hopkins. It supports elliptic curve operations and pairing based crypto.

My Python wrapper around LibTomCrypt now supports Python 3, and it has both AES and RSA.

See: https://github.com/mikeboers/PyTomCrypt#readme

Cryptography (documentation) claims to address multiple shortcomings of PyCrypto, M2Crypto, and PyOpenSSL. They don't mention simple-crypt, but a primary goal of the project is to provide high-level, safe, easy to use interfaces along with a set of lower-level interfaces (available from a 'hazmat' module) allowing finer-grained control for developers who understand the pitfalls.

Having not used the other libraries I can't comment on whether cryptography is better than the alternatives, but it has certainly met my needs so far.

pycrypto has Py3k branch (in https://github.com/dlitz/pycrypto/tree/py3k)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top