SSLCrypto - Easy, Fast Crypto for Python

Requirements | Documentation | Examples | Downloads | Bugs | Legal Issues

Return to David's Python Resources

Latest News

SSLCrypto 0.1.1 now released - all python pickling has been replaced by bencode serialisation - thus removing possible pickle exploits.

** Warning ** - If you are exchanging SSLCrypto key objects over the internet, it is imperative you switch immediately to SSLCrypto 0.1.1. If you stay with SSLCrypto 0.1, you could be susceptible to malformed pickle attacks.

Introduction

SSLCrypto is a package for Python that dramatically eases the task of adding encryption to Python programs.

It provides a unified API that is almost totally compatible with that of ezPyCrypto, except that it takes advantage of the OpenSSL Crypto Library to deliver massive improvements in speed and security.

After using ezPyCrypto myself, I found that while it performed ok with smaller public key sizes, it proved impossibly slow with larger keys. This slowness, resulting from non-optimal code in its backend (the Python Cryptography Toolkit) meant that on a 1.5 GHz Athlon XP, it was taking several minutes to generate 4096-bit keys. Completely unacceptable if you need real security.

Performance is absolutely critical for an encryption API. If slowness deters people from using adequate-sized keys, security will be severely compromised, almost to the extent that there's little point in using encryption in the first place.

OpenSSL is a performance dream. It can generate truly military-grade keys in acceptable times, and supports these keys with cipher implementations that aggressively guard against known attacks. So, at the price of a library dependency (on non-windoze systems), you get a crypto API, whose key class is compatible with ezPyCrypto, but whose performance imposes no deterrent to truly strong cryptography.

We are confident that the security offered by SSLCrypto is more than enough for your everyday needs, and will prove a major resource-consuming deterrent against even the most powerful interests who would compromise your privacy. To test this claim, we have laid down a crypto challenge in which you are invited to take part.



Requirements

SSLCrypto requires Python 2.2 .

To help windoze users, the SSLCrypto package is also available as a self-installing EXE file (for Python 2.3 only - if running earlier version, please upgrade) with no external dependencies. (The SSLCrypto.pyd file contained therein is statically linked against the OpenSSL Windows libraries, which means you won't even need to know about OpenSSL). Just install and use!

On Linux and *BSD systems, you'll have to build SSLCrypto from the source code. This is trivial if you have the following prerequisite software installed:



Documentation



Examples



Downloads



Legal Issues

Privacy Policy