Using this app, you can create and share secret keys that you can then use to encrypt and decrypt messages using the Vernam Cipher. Again, I will have to research thisbefore I can be sure.Generate and share secret keys, then encrypt and decrypt messages. In particular encryption algorithms such as RSA, they're fantastic to do as a project, but never use them in production to protect real data - instead use an existing tried-and-tested RSA library.Īs far as I know, in terms of the white noise, you can use the whitenoise as a source of entropy to create a seed, and then supply this seedto secrets.py for the RNG process. I think one of the things to bear in mind when it comes to security and cryptography, it's one of those areas where normally it's a good idea to use existing reputable libraries where possible, as they'll have been code-reviewed, all possible security features have been added etc. I mustadmit, I’m not the best in cryptography so I need to research much morebefore I can label this project as complete. That’s interesting, I wasn’t aware Windows utilised the TPM. If I am not able to find a reasonable method to source truly random values, I’ll change back to cryptographically strong. Originally, I was using the secrets.py module, to generate cryptographically strong, alphanumeric keys. I would be able to use the on board TPM’s entropy to source truly random values. In terms of entropy, in my research I came across TPM Entropies. Once I am able to find an efficient method to source truly random values, this will be the first thing I will upgrade. As for now, the current version remains as the API source. Using a HTTPS API request isn’t as secure as on device generation. ![]() I agree with you, the security of the key is favoured over it’s strength. I’m still currently researching various sources. Only issue with that method is, every time you generate a key a radio antenna would be needed to first fetch the static and then a microphone to record the noise, and this obviously isn’t the best interface for the common user. I’ve been doing some research, and I can use things such as white noise to create truly random values. Of course all the entropy stuff is handled for you by your OS and the secrets library in Python is your interface to that random source. Some big companies have pretty quirky solutions, see Cloudflare's wall of lava lamps for example! Timings from clocks in the system, timings of keyboard presses, mouse movement etc. Generally the way the OS does this is by introducing entropy in the results. That means we are stuck with classical methods for generating keys, and normally the solution to this is, the generation won't be perfect, we just need to make it random enough that patterns can't be found in it. ![]() So generating on-device with a slightly weaker key generation is preferable to having very strong keys, with the caveat that somebody else could easily know what they are. However, the number one rule in security and cryptography is normally, you don't want to share your private key. You are absolutely right in that computers aren't very good at generating truly random numbers (especially through traditional methods), and unpredictable phenomena like quantum state collapse and radioactive decay are some of the most random sources we have. Introduction to Programming with Python (from Microsoft Virtual Academy)./r/git and /r/mercurial - don't forget to put your code in a repo!./r/pyladies (women developers who love python)./r/coolgithubprojects (filtered on Python projects)./r/pystats (python in statistical analysis and machine learning)./r/inventwithpython (for the books written by /u/AlSweigart)./r/pygame (a set of modules designed for writing games). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |