Comments (5)
I totally agree with you, I'm working on a bakthat rewrite (not backward compatible, with a lot of new features) and I'm already planning to drop beefish.
Months ago, I wanted to give Elliptic Curve Crypto a try (with https://github.com/bwesterb/py-seccure), but according to http://safecurves.cr.yp.to/, I shouldn't use any NIST curves, so I think I will drop this idea too.
I will look further into AES-256/AES-128, I will keep you updated.
Do you have a lot of experience with pycrypto / cryptography?
Thanks!
from bakthat.
I have some knowledge of cryptography, but focused more around the environment, i.e. how to use it securely, than details of specific ciphers. I know very little about elliptic curve crypto.
For AES-256, you could have a look at https://github.com/rnapier/RNCryptor/tree/master/python - that seems to be the most complete library out there. It also takes care of PBKDF2 and HMACs, and packages the data, hmac, salts and IV all into a nice data format, so it takes care of the complete package. As a plus, there are implementations in a few different languages too. It is not on PyPI currently though. You could also adopt it into bakthat itself. Note that there is a (very difficult to exploit) timing attack still open: RNCryptor/RNCryptor#88
from bakthat.
Thanks for the details, and for the AES-256 reference implementation, but RNCryptor as is can't handle files that don't fit in RAM. It should read by chunks and deal with padding (like this snippet); maybe I can try to do it myself if you can validate what I'm doing.
from bakthat.
Well, I can't make any promises, but I imagine we can at least make it safer than with blowfish without PBKDF2/bcrypt. What would be even nicer is if we could integrate the support you need into RNCryptor itself, so that others can reuse it in the future.
from bakthat.
@tsileo, I'm no crypto guru, but it sounds like you might like https://github.com/jedisct1/libsodium. There are two Python libraries, https://github.com/stef/pysodium and https://github.com/dstufft/pynacl. Have you seen these?
from bakthat.
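The thread asks for PBKDF2 key derivation, an HMAC over the packaged data, and chunked reads for files that don't fit in RAM. The sketch below is an added example, not code from bakthat, RNCryptor or any commenter: it shows only the streaming authenticate-and-verify half with the standard library, treating the input as already-encrypted bytes. The container layout (salt, body, tag), the names and the iteration count are assumptions made for the example.

```python
import hashlib
import hmac
import os

CHUNK = 64 * 1024      # bytes read per step, so memory use stays constant
SALT_LEN = 16
TAG_LEN = 32           # HMAC-SHA256 output size
ITERATIONS = 10_000    # assumed for this example; tune for your hardware


def derive_mac_key(password: bytes, salt: bytes) -> bytes:
    """Stretch the password with PBKDF2 instead of using it as a key directly."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=32)


def seal(src, dst, password: bytes) -> None:
    """Write salt || body || HMAC(salt || body), reading src chunk by chunk."""
    salt = os.urandom(SALT_LEN)
    mac = hmac.new(derive_mac_key(password, salt), salt, hashlib.sha256)
    dst.write(salt)
    for chunk in iter(lambda: src.read(CHUNK), b""):
        mac.update(chunk)   # in a full pipeline this chunk is ciphertext
        dst.write(chunk)
    dst.write(mac.digest())


def verify(src, password: bytes) -> bool:
    """Recompute the tag over a stream without loading the whole file."""
    salt = src.read(SALT_LEN)
    if len(salt) != SALT_LEN:
        return False
    mac = hmac.new(derive_mac_key(password, salt), salt, hashlib.sha256)
    tail = b""
    for chunk in iter(lambda: src.read(CHUNK), b""):
        buf = tail + chunk
        # Hold back the last TAG_LEN bytes: they may be the stored tag.
        body, tail = buf[:-TAG_LEN], buf[-TAG_LEN:]
        mac.update(body)
    if len(tail) != TAG_LEN:
        return False        # truncated container
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(mac.digest(), tail)
```

In an encrypt-then-MAC design the tag is checked before any plaintext is released, which for a streamed file means verifying in one pass and decrypting in a second.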