https://github.com/py-zero/cryptozero

Simple, strong cryptography for beginners, in Python.
https://github.com/py-zero/cryptozero

cryptography education python3

Last synced: 5 months ago
JSON representation

Simple, strong cryptography for beginners, in Python.

• Host: GitHub
• URL: https://github.com/py-zero/cryptozero
• Owner: py-zero
• License: mit
• Created: 2018-07-28T09:23:16.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2018-07-29T15:07:12.000Z (almost 8 years ago)
• Last Synced: 2025-03-08T09:17:47.995Z (over 1 year ago)
• Topics: cryptography, education, python3
• Language: Python
• Homepage:
• Size: 66.4 KB
• Stars: 2
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# CryptoZero

Make it easy for learning groups to use simple cryptographic techniques in python

- Docs: ...

- Development: [https://github.com/py-zero/cryptozero](https://github.com/py-zero/cryptozero)

- Tests: ...

## API

### Verification

\# TODO: expose signing and verifying methods

### Secrecy

\# TODO: expose encryption and decryption methods

## Examples

### Verification

### Secrecy

### Key Stretching

Key stretching is the process of taking a weak password, and making it longer in such a way

that it is slow to compute. This is also called `hashing`.

An example would be taking the password `passw0rd`, and turning it into a series of bytes.

```python

from cryptozero.key import stretch

import base64

base64.urlsafe_b64encode(stretch('passw0rd'))

b'5ORsO6IvsHoxPXcaLRfe5Lx2Rt25apdJai9W7PGesBY='

```

We've use base64 as a nice way of showing the output.

#### Salting

stretching on its own, however, is not going to be enough. Someone can still come along and

break that password. What we need to do is mix in some `salt`.

As with a nice dish of Fish and Chips, the salt will compliment the password.

The salt will prevent an attacker from working out all the stretched keys ahead of time.

You can think of salting as adding some random characters onto your password.

```python

password = 'passw0rd'

salt = 'aofjdnvoekqoubsdvib3g7wefb'

salted_password = password + salt

secret_key = hasher(salted_password)

```

While this method gets you quite far, we have given you an easy way to do it securely.

```python

from cryptozero.key import stretch

import base64, os

password = 'passw0rd'

salt = os.urandom(16)

base64.urlsafe_b64encode(stretch(password, salt=salt))

b'd3sgGtHxsiESi0t4lkaXeep9j0ElfGeGMscpnfRz3vA='

```

Your output will be different. This is because we're getting a random salt using `os.urandom`.

You can safely give out the salt to people. In fact, it's very common to store the salt along side what you're encrypting.

### With networking