On 08/23/2011 09:55 AM, Steven D'Aprano wrote:
Tobiah wrote:

I really need some sort of
algorithm that will let me take an unknown string and generate
the encrypted bit on the fly.

Google broken for you? *wink*

I had some requirements in the OP that I could not
find a solution for.

Seriously, there are about a bazillion algorithms for encrypting and
obfuscating strings. Depending on your security requirements, that can be
as simple as rot13 and as complex as blowfish (or even more so).

If it helps, I have a module that implements a selection of classical (i.e.
insecure) encryption algorithms:

http://pypi.python.org/pypi/obfuscate


Earlier, you said:

The secret is not like
the key to Fort Knox.  We would rather not have the plain
token out there, as it's internal business information,
but we don't have to protect the information at all costs.
Just making it really inconvenient to extract is fine.

I don't understand the point of this. What could your users do with the
plain token that they shouldn't? I don't see why, if it's not worth
encrypting properly, why it's worth obfuscating it at all.

The token ends up translating into the name of a database on our
server.  With that information alone, it's difficult to imagine
a serious vulnerability, yet we just thought it would be worth
it to disguise the plain text.
--
http://mail.python.org/mailman/listinfo/python-list

Reply via email to