Using the Python cryptography module with custom passwords

Posted on So 19 Oktober 2014 in Cryptography • Tagged with Cryptography, Programming, UncategorizedLeave a comment

Hey all

I recently discovered a quite cute crypto module for Python. It is divided in two logical security layers. The first (Fernet) can be used by cryptology unaware programmers in a way that makes it unlikely to introduce any security flaws. The seconds layer (called Hazmat) allows access to all kinds of cryptographical primitives, such as HMACS and asymmetric encryption functions.

The Problem

Normally you don't want to use primitives, because it is tricky to do correct (event for advanced programmers). But unfortunately the secure and simple API ...

Continue reading

Cryptographically secure rand() replacement

Posted on Do 14 November 2013 in Cryptography • Tagged with Cryptography, Php, Security, ProgrammingLeave a comment

If you are a programmer, you sometimes find yourself in the need for random numbers. There are many possible use cases:

  • Generate data for unit-tests.
  • Build secure passwords or keys as input for ciphers like AES, Twofish and its colleagues.
  • Simulating the real world for modelling applications.
  • A prominent use case: Lot's of gambling sites depend on good random number generators.

Now if you code in PHP, there are quite some different ways to obtain random numbers. There is the rand ( int $min , int $max ) function for instance: It ...

Continue reading