GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → deadPix3l → pyDHE

deadPix3l / pyDHE

Licence: BSD-2-Clause License
a fully python Diffie-Hellman Library

Programming Languages

python
139335 projects - #7 most used programming language

Labels

securitycrypto-librarydiffie-hellman

Projects that are alternatives of or similar to pyDHE

secretpy
Classical ciphers: Caesar, ADFGX, ROT13 and etc.
Stars: ✭ 40 (-20%)
Mutual labels:  crypto-library
penetration testing
🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.
Stars: ✭ 57 (+14%)
Mutual labels:  diffie-hellman
libsparkcrypto
A cryptographic library in SPARK 2014
Stars: ✭ 25 (-50%)
Mutual labels:  crypto-library
ArduinoSpritzCipher
Spritz encryption system portable C library, CSPRNG, cryptographic hash and MAC functions, symmetric-key data encryption, and general-purpose functions. It's also an Arduino library.
Stars: ✭ 67 (+34%)
Mutual labels:  crypto-library
Blockchain
Implementation of a Blockchain as a school project
Stars: ✭ 16 (-68%)
Mutual labels:  crypto-library
Cross-platform-AES-encryption-128bit
No description or website provided.
Stars: ✭ 19 (-62%)
Mutual labels:  crypto-library
double-ratchet
Double ratchet algorithm for E2E encryption
Stars: ✭ 59 (+18%)
Mutual labels:  diffie-hellman
hermes-core
Security framework for building multi-user end-to-end encrypted data storage and sharing/processing with zero leakage risks from storage and transport infrastructure.
Stars: ✭ 72 (+44%)
Mutual labels:  crypto-library
nimcrypto
Nim cryptographic library
Stars: ✭ 129 (+158%)
Mutual labels:  crypto-library
chat-diffie-hellman
A secure chat between an Android client and Java server using AES for encryption and Diffie-Hellman for key exchange.
Stars: ✭ 26 (-48%)
Mutual labels:  diffie-hellman
rawr-x3dh
TypeScript Implementation of X3DH
Stars: ✭ 51 (+2%)
Mutual labels:  diffie-hellman
HElib
HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations.
Stars: ✭ 2,913 (+5726%)
Mutual labels:  crypto-library
rfc7748 precomputed
Updated! (Dec2-2019) This is a C-language software library that provides optimized implementations of the Diffie-Hellman functions known as X25519 and X448 (RFC-7748) for 64-bit architectures.
Stars: ✭ 43 (-14%)
Mutual labels:  diffie-hellman
pqcrypto
Rust Post-Quantum cryptography
Stars: ✭ 124 (+148%)
Mutual labels:  crypto-library
Computer-Security-algorithms
👨‍💻 Computer Security algorithms in C#
Stars: ✭ 48 (-4%)
Mutual labels:  diffie-hellman
Helib
HElib is an open-source software library that implements homomorphic encryption. It supports the BGV scheme with bootstrapping and the Approximate Number CKKS scheme. HElib also includes optimizations for efficient homomorphic evaluation, focusing on effective use of ciphertext packing techniques and on the Gentry-Halevi-Smart optimizations.
Stars: ✭ 2,749 (+5398%)
Mutual labels:  crypto-library
Phpseclib
PHP Secure Communications Library
Stars: ✭ 4,627 (+9154%)
Mutual labels:  diffie-hellman

pyDHE

PyPI version

pyDHE is a simple to use Diffie-Hellman implementation written in python, for python. It makes using Diffie-Hellman a breeze so you can focus on the real crypto. Eventually, I hope to include elliptic curves (ECDHE) but that is not currently supported.

Installation

Installing is easy. pyDHE is available on PyPi. simply run: pip install pyDHE

Why?

For several of my other projects, I've needed a Diffie-Hellman-Ephemeral (DHE) implementation, but could never find one. The algorithm is not hard, but I was always surprised when I searched for a prewritten one, and never found it. Even well known Crypto libraries like pyCrypto, pyCryptodome, and cryptography lacked Diffie-Hellman. So I always write my own. Eventually I decided to make that terrible code i used previously and generalize it. Make it easy, readable, pep8 and pep257 compliant, write unit tests and release it to the world!

How?

Using pyDHE is a breeze. There are two modes: manual, and negotiate. In either case, the key returned will be a long. If you need a string, the following should get the job done. Which one you use is up to you:

  • struct.pack()
  • Crypto.Util.number.long_to_bytes()
  • any hashing algorithm that accepts bigInts

In manual mode you will call the update() and getPublicKey() functions. Transmission will be entirely your resposibility. This allows you to have fine grain control over how the traffic is managed, how the sockets are configured, alternative transfer methods (UDP, files, IPC, or other), etc.

A local example of manual mode requiring no sockets is as follows:

    >>> import pyDHE
    >>>
    >>> Alice = pyDHE.new()
    >>> Bob = pyDHE.new()
    >>>
    >>> aliceFinal = Alice.update(Bob.getPublicKey())
    >>> bobFinal = Bob.update(Alice.getPublicKey())
    >>>
    >>> (aliceFinal == bobFinal)
    True

As you can see, each instance must call update(), passing in the other's public key. How you send that public key is up to you. That's why I call it manual mode. You need only do Alice (or Bob, its just a name), because the other side is the remote end, and is only shown for demonstration.

For most appications, manual isn't nessesary. We have negotiate():

    >>> import socket
    >>> import pyDHE
    >>>
    >>> sock = socket.socket()
    >>> sock.connect(('localhost', 1234))
    >>>
    >>> alice = pyDHE.new(18)
    >>> key = alice.negotiate(sock)

This is really easy.

  1. create a new, blocking, tcp socket and get it connected.
  2. call x = pyDHE.new() with the desired group.
  3. Call x.negotiate(sock)
  4. Done! this socket may be closed, or you can use it for any other purpose.

other usage notes:

  • update() will return the final key, but if you happen to miss it, or need it again, you can call getFinalKey()
  • update() can be called multiple times. This allows you to create multi-party keys. This is not tested currently, use at your own risk.

Inclusion in other Projects

I intend to submit pull requests for other libraries and projects likely pyCrypto, pyCryptodome, pyca/cryptography, and others, but I am also making this into a standalone module because it is easier to maintain, and under my control. I cannot guarantee that those pull requests will be accepted or maintained well, so at least my code will always live here.

Contributing

I love contributions! The more the merrier. Please submit pull requests all day long! I only ask that any changes you make be pep8 compliant and accompanied by unit tests.

Disclaimer

I am not a world renowned cryptographer. I know the saying goes "never roll your own crypto" but it doesn't seem like anybody else will write this. I am quite sure I cannot cover every facet, and there is probably a timing oracle, parameter injection, birthday attack, or something in here. (Its not written in C, so I can nearly guarantee there is a timing oracle at least.) It should be good enough for most things, but if you are the NSA, or an enemy of the NSA, maybe you should find a different library.

License

Because crypto is important and everyone should access to strong crypto, I am releasing this project under an extremely open license, the BSD 2-clause license. This is uncharacteristic of me, because I usually opt for the GPLv3, BUT this license will ensure that this project will be usable anywhere! Please, spread it like the plague. Make sure everyone has easy access to DH.

Footnotes

  1. You must use the same group (i.e. pyDHE.new(x) ) on both ends, or else you end up with non matching keys. If omited, the default group is 14.

  2. negotiate() currently only supports newly created, never used, blocking, TCP sockets. Support for nonblocking and UDP sockets may come eventually. You can use previously used sockets, BUT I do not condone it, as anything left in the network buffer will interfere and corrupt the key.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].