ezPyCrypto is the culmination of my search for an approachable yet
powerful crypto library for Python.
This may be the only Python crypto API you ever need
to learn!
Latest News
Version 0.1.1 released!
Fixed crash with large key sizes (larger than (approx) 2000
bits)
Can use any size public key (2048-bit or larger recommended)
Session Key header info now padded with chaff, to resist RSA
and ElGamal factoring attacks
You are advised to cease using vers. 0.1, and switch to
vers 0.1.1 immediately!
Abstract
ezPyCrypto is a high-level encryption library for Python that makes
your job of securing data easy and effortless.
As a reaction to some other crypto libraries, which can be painfully
complex to understand and use, ezPyCrypto has been designed from the
ground up for absolute ease of use, without compromising security.
Features
ezPyCrypto lets you:
Generate, export and import public and private keys
Encrypt and decrypt strings with ease
Optionally create encrypted data as email-friendly text
Sign and verify strings (incl. documents)
Protect your private key with a passphrase
Create 'streams', for sending data through secured sockets
Choose any public key size you like (2048-bit recommended)
Choose between RSA and ElGamal for public key, and IDEA, DES3,
Blowfish, ARC4, IDEA for session key
Rest in the comfort of security, with 256-bit session keys and
defences against common RSA and ElGamal attacks, which will
painfully frustrate anyone seeking to violate your privacy.
History
I've been looking at a lot of cryptography libraries in my time, and
have been frustrated, because everything I saw suffered from problems
such as:
Not multi-platform
Painfully difficult to understand and use - needing dozens or
hundreds of lines of code just to do a simple operation
Difficult or impossible to compile and install, without
intimate knowledge of the cource code (plus deep knowledge of
cryptography).
Painful dependency on 3rd party libraries, which often proved
difficult or impossible to find, compile and/or install
Lack of adequate documentation and/or usage examples
I started to suspect that many crypto toolkit authors were coming from
a mindset of If it was hard to write, it should be hard to use!.
If I was deterred from using these toolkits, it occurred to me that
others would be feeling deterred as well. I imagined with horror all
the hours that are getting wasted by programmers the world over, in
struggling to come to terms with underlying crypto theory, and
mastering the arcane intricacies of the available crypto libraries
(or, as programmers are notorious for, writing their own libraries,
often just as arcane and difficult for others.) Meanwhile, zillions of
good creative ideas for applications are simply not getting
implemented, because programmers feel discouraged and find something
else to do.
As many will know, I've recently moved to Python as my programming language of
choice. Quite simply, Python seriously kicks butt. It spares the
programmer of all the red tape of keeping track of data types, and
allows a much looser and freer creative process. If you're not using
Python already, then just download it and install it and start
programming. Most of the difficulty of learning Python is because of
its ease of use and empowering freedom, since you have to let go of
the mind-crippling limitations of other languages you've learned.
Luckily, this difficulty passes in a few days of dabbling - once
you've followed the Python Tutorial,
you'll be up and running - no problems.
But back to the point. I looked at the various Python crypto libraries
(there's bugger-all crypto in the standard Python libraries), and found
most of them failing from one or more of the above limitations.
The only exception was a fine piece of programming called PyCrypto.
PyCrypto has a very clean design, with well-organised Python classes at
the front-end, and very portable C code at the back end. Unlike other
crypto libs, PyCrypto compiles easily on *nix and Windows platforms,
doesn't need any 3rd party libraries, and comes with excellent LaTeX
documentation (which looks good when passed through latex2html).
Also, PyCrypto supports most of the popular encryption algorithms,
and supports any key length the programmer desires. Larger keys, more
secure, but slower - programmer chooses the right trade-off. The people
who wrote PyCrypto certainly don't have that elitist geek
syndrome - the way they've designed and packaged their code shows a
respect for the client programmer that is sadly rare.
However, the PyCrypto API is still a little more low-level than I'd
like. It still imposes a bit too much 'red tape' on the programmer,
albeit much less than any other crypto library I've seen.
Therefore, it occurred to me to write a wrapper layer over the top of
PyCrypto, and build this layer to give maximum features and security
together with absolute ease of use.
ezPyCrypto basically defines a single class, called key,
which does most cryptographic operations a programmer will need,
including:
And, if you like what you see, you can Download ezPyCrypto 0.1.1.
ezPyCrypto comes with a suite of mindlessly simple example programs,
so you'll be up and running in minutes!
Note that this download contains the PyCrypto backend, both in source
code form, (and an executable Windows installer (python 2.2 only), in
case you don't have a suitable C compiler. Installing PyCrypto on
Debian is also easy: just type apt-get install python-crypto