Re: [Tutor] looking for volunteers with testing simple python program
On Tue, Jun 25, 2013 at 2:04 PM, Walter Prins wrote: > Hi Alexander > > > On 23 June 2013 22:46, Alexander wrote: > >> I guess this is for testing, but I have a question. If somebody sends you >> their .pub file (email or otherwise over internet), and a villainous third >> party intercepts that .pub file, will they be able to decrypt the data sent >> over this program? > > > While I've not looked at the actual program, it appears to use standard > public key encryption techniques. The way public key encryption works is > essentially that entities always have a public and a private key. The > public keys are always published and freely available, and are used to > *encrypt* messages for given individuals. Keys are essentially one-way, > which means you cannot de-crypt a message encrypted with the same key it > was encrypted with. Instead, only the received with the corresponding > private key can decrypt the encrypted message. > > Hence, to answer you question: If a villainous third party intercepts the > pub key, that doesn't help them in decrypting messages encrypted with that > key. At best, they can also send you encrypted messages. If they wanted to > decrypt messages meant for you they'd have to somehow gain access to your > private key. > > Regards > > Walter > > ___ > Tutor maillist - Tutor@python.org > To unsubscribe or change subscription options: > http://mail.python.org/mailman/listinfo/tutor > > Thanks for your response, Walter. -- Alexander Etter ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] looking for volunteers with testing simple python program
Hi Alexander On 23 June 2013 22:46, Alexander wrote: > I guess this is for testing, but I have a question. If somebody sends you > their .pub file (email or otherwise over internet), and a villainous third > party intercepts that .pub file, will they be able to decrypt the data sent > over this program? While I've not looked at the actual program, it appears to use standard public key encryption techniques. The way public key encryption works is essentially that entities always have a public and a private key. The public keys are always published and freely available, and are used to *encrypt* messages for given individuals. Keys are essentially one-way, which means you cannot de-crypt a message encrypted with the same key it was encrypted with. Instead, only the received with the corresponding private key can decrypt the encrypted message. Hence, to answer you question: If a villainous third party intercepts the pub key, that doesn't help them in decrypting messages encrypted with that key. At best, they can also send you encrypted messages. If they wanted to decrypt messages meant for you they'd have to somehow gain access to your private key. Regards Walter ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] looking for volunteers with testing simple python program
On Mon, Jun 17, 2013 at 10:17 AM, Lukas Nemec wrote: > Hello, > > I changed some simple python client/server chatroom recipe > to include RSA keypair based encryption and signature verification > > because I'm sick of someone spying on my conversations on FB and similar. > > Here is the code: > > https://github.com/lunemec/python-chat > > If anyone is interrested in trying the software - mostly bughunting and > improvements > > please run these commands after downloading the source codes: > > cd client > openssl genrsa -out your_cert_name.pem -des3 4096 > openssl rsa -pubout -in yourt_cert_name.pem -passin > pass:"yourpassword" -out your_chatroom_nick.pub > > ## After this step, please send me your_chatroom_nick.pub file, it should > have the same name.pub as you want to use in the chatroom, otherwise we > can't decrypt your messages > > # if you don't have pycrypt, then sudo pip install pycrypto > python client.py your_chatroom_nick nemec.lu 3490 your_cert_name.pem > yourpassword > > Now we should be able to chat :) > > Enjoy, and please don't kill me for writing here :) > > Lukas > > > ___ > Tutor maillist - Tutor@python.org > To unsubscribe or change subscription options: > http://mail.python.org/mailman/listinfo/tutor > > I guess this is for testing, but I have a question. If somebody sends you their .pub file (email or otherwise over internet), and a villainous third party intercepts that .pub file, will they be able to decrypt the data sent over this program? Thanks. -- Alexander ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor
[Tutor] looking for volunteers with testing simple python program
Hello, I changed some simple python client/server chatroom recipe to include RSA keypair based encryption and signature verification because I'm sick of someone spying on my conversations on FB and similar. Here is the code: https://github.com/lunemec/python-chat If anyone is interrested in trying the software - mostly bughunting and improvements please run these commands after downloading the source codes: cd client |openssl genrsa -out your_cert_name.pem -des3 4096 ||openssl rsa -pubout -in yourt_cert_name.pem -passin pass:"yourpassword" -out your_chatroom_nick.pub ## After this step, please send me your_chatroom_nick.pub file, it should have the same name.pub as you want to use in the chatroom, otherwise we can't decrypt your messages # if you don't have pycrypt, then sudo pip install pycrypto python client.py your_chatroom_nick nemec.lu 3490 your_cert_name.pem yourpassword Now we should be able to chat :) Enjoy, and please don't kill me for writing here :) Lukas | ___ Tutor maillist - Tutor@python.org To unsubscribe or change subscription options: http://mail.python.org/mailman/listinfo/tutor