On Friday 29 February 2008 16:30, Trey Keown wrote: > Hey all, > Been away for a while. So, I'm in the process of making a program for > encrypting and decrypting strings of text. And I was wondering how it > would be possible to perhaps keep keys in a .pyc file, and keep them > from being isolated, and messages being intercepted. So... is it > possible to decompile things within a .pyc file? > This isn't for any serius project, just me attempting to make something > to prove that I can do it. > > Thanks for any help. > > _______________________________________________ > Tutor maillist - Tutor@python.org > http://mail.python.org/mailman/listinfo/tutor
The best you can do is to make it tricky to reverse engineer. Same goes for compiled code or assembly, only those are admittedly closer to the "bare metal". Java and C# Care also "byte-compiled" languages, and I think Java has some security features, although I don't know what they are. Don't use a fixed constant. Compute the key, and spread the dependencies around. You could mix in a deterministic random number generator. Of course, this is all useless if your program can be inspected while its running. It's impossible, in principle, really, when the recipient of the secret message and the eavesdropper are the same entity. Still, unless you have determined adversaries, it won't be worth the trouble. Plenty good enough for casual use, but don't bet national security on it or anything. Cheers _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
