<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [pycrypto] Can pycrypt do a key exchange?
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Can%20pycrypt%20do%20a%20key%20exchange%3F&In-Reply-To=848354.88310.qm%40web62506.mail.re1.yahoo.com">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="000054.html">
   <LINK REL="Next"  HREF="000056.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[pycrypto] Can pycrypt do a key exchange?</H1>
    <B>James A. Donald</B> 
    <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=%5Bpycrypto%5D%20Can%20pycrypt%20do%20a%20key%20exchange%3F&In-Reply-To=848354.88310.qm%40web62506.mail.re1.yahoo.com"
       TITLE="[pycrypto] Can pycrypt do a key exchange?">jamesd at echeque.com
       </A><BR>
    <I>Fri Jan 23 23:05:07 CST 2009</I>
    <P><UL>
        <LI>Previous message: <A HREF="000054.html">[pycrypto] Can pycrypt do a key exchange?
</A></li>
        <LI>Next message: <A HREF="000056.html">[pycrypto] Can pycrypt do a key exchange?
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#55">[ date ]</a>
              <a href="thread.html#55">[ thread ]</a>
              <a href="subject.html#55">[ subject ]</a>
              <a href="author.html#55">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>Gre7g Luterman wrote:
 &gt; Hey list -
 &gt;
 &gt; I'm working on a Python application where clients will
 &gt; open encrypted connections to a custom server
 &gt; application. The data isn't something super-important,
 &gt; like credit card numbers, but I'd rather not have it
 &gt; snooped or otherwise mucked with by outsiders.
 &gt;
 &gt; pycrypt makes this easy, but how do I share the key
 &gt; securely? pycrypt has code for calculating
 &gt; public/private keys, encrypting with them, decrypting
 &gt; with them, etc., but I don't see an obvious way to do
 &gt; an exchange with it.

Key distribution is in the general case a major unsolved
problem, and there are no libraries to handle it -
worse, there are no protocols to handle it, worse still,
there are no successful examples to imitate, other than
SSH.

You, however, are not solving the general case, so might
hand roll your own custom solution, perhaps starting
with a single widely known trusted master public key
embedded in both client and server, whose secret key,
which you alone possess, is used to sign durable client
keys and server keys, which are used in combination with
transient client keys and transient server keys - the
Skype solution.

Now, of course, all the experts say &quot;never hand roll
your own custom solution&quot;, which is true if the experts
have something ready to roll that actually works. Which,
for key distribution, they generally do not.

The particular special case solution will depend on the
particulars of your particular special case.
</PRE>


<!--endarticle-->
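<P>The scheme sketched in the message above (a master public key embedded in both programs, whose secret key signs durable client and server keys, which in turn sign per-connection transient keys), as an added example that is not from the original post or from pycrypto. It assumes the third-party <CODE>cryptography</CODE> package with Ed25519, X25519 and HKDF as stand-in primitives; <CODE>Party</CODE>, <CODE>hello</CODE>, <CODE>finish</CODE>, <CODE>raw</CODE> and <CODE>demo</CODE> are hypothetical names.</P>

```python
# Added example; uses the third-party "cryptography" package (an assumption).
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey
from cryptography.hazmat.primitives.asymmetric.x25519 import X25519PrivateKey, X25519PublicKey
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

def raw(public_key):
    return public_key.public_bytes(Encoding.Raw, PublicFormat.Raw)

class Party:
    """Hypothetical endpoint holding a durable key certified by the master key."""
    def __init__(self, role, master_private):
        self.role = role  # b"client" or b"server"; signed so roles cannot be swapped
        self.durable = Ed25519PrivateKey.generate()
        # Issued once, offline, by the holder of the master secret key.
        self.cert = master_private.sign(role + raw(self.durable.public_key()))

    def hello(self):
        # Fresh transient key per connection, signed by the durable key.
        self.transient = X25519PrivateKey.generate()
        eph = raw(self.transient.public_key())
        return (raw(self.durable.public_key()), self.cert, eph,
                self.durable.sign(self.role + eph))

    def finish(self, master_public, peer_role, peer_hello):
        # Check master -> durable -> transient, then derive the session key.
        durable_pub, cert, eph, sig = peer_hello
        try:
            Ed25519PublicKey.from_public_bytes(master_public).verify(
                cert, peer_role + durable_pub)
            Ed25519PublicKey.from_public_bytes(durable_pub).verify(
                sig, peer_role + eph)
            shared = self.transient.exchange(X25519PublicKey.from_public_bytes(eph))
        except (InvalidSignature, ValueError):
            return None  # reject: chain does not lead back to the master key
        return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                    info=b"example session key").derive(shared)

def demo():
    master = Ed25519PrivateKey.generate()
    master_pub = raw(master.public_key())  # the value embedded in both programs
    client, server = Party(b"client", master), Party(b"server", master)
    ch, sh = client.hello(), server.hello()
    rogue = Party(b"server", Ed25519PrivateKey.generate())  # not master-signed
    return (client.finish(master_pub, b"server", sh),
            server.finish(master_pub, b"client", ch),
            client.finish(master_pub, b"server", rogue.hello()))
```

<P>Each side signs only its own transient key here; a deployed protocol would also bind both transient keys into the signed data and confirm the derived key before sending traffic.</P>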
    <HR>

<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>