Hi,

There has been a lot of discussion about adding security features like encryption to 0MQ. We have been talking/thinking about this some in the Python bindings (pyzmq) because we are at the point where we are deploying applications using 0MQ at the internet scale.

Just tonight, Min posted this branch:

http://github.com/minrk/pyzmq/commit/485b7d5f16d3344471fa0ce5479f634c8d7ac992

That adds an EncryptedSocket subclass to pyzmq. Here is the idea:

The EncryptedSocket subclass accepts a cipher argument to its constructor. The cipher can be any Python object having an encrypt and decrypt method. This is the interface supported by PyCrypto (http://www.dlitz.net/software/pycrypto/), but it is easy to wrap any cipher in this interface. The low-level send/recv methods of EncryptedSocket now simply call cipher.encrypt(msg) and cipher.decrypt(msg) upon a send and receive. This behavior can be disabled on a per-message basis using keyword arguments. By using PyCrypto, you can easily select an appropriate cipher to use in this manner. The result is that all messages are encrypted.

It is important to note that this is not in any way built into 0MQ itself. We are simply doing this on top of 0MQ. This means that many of the things provided by SSL/TLS are not covered. But, we feel this is a good start that also has the benefit that in a multi-hop 0MQ system, you don't have to decrypt/re-encrypt at each node.

The performance tests that Min has run show a performance penalty of 3-10x over the unencrypted case.

We are not security experts and would love feedback on this design. It is quite simple, but for many of us, security is the show stopper with 0MQ. This at least gets us moving in the right direction.

Cheers,

Brian

--
Brian E. Granger, Ph.D.
Assistant Professor of Physics
Cal Poly State University, San Luis Obispo
[email protected]
[email protected]
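An added example (not Min's branch or pyzmq's code) of the design described in the mail: a socket wrapper that hands every message to a cipher object's encrypt()/decrypt(), with per-message keyword switches. It goes one step beyond the mail by showing what the cipher object itself has to supply for the wrapper to be safe, namely a fresh nonce per message and an authentication tag so a message altered on the wire is rejected rather than decrypted to garbage; the AuthenticatedCipher (a stdlib-only HMAC-based construction, not PyCrypto), the EncryptedSocket class and the LoopbackTransport standing in for a 0MQ socket pair are all hypothetical.

```python
import hashlib, hmac, secrets

class AuthenticatedCipher:
    """Cipher object with the encrypt()/decrypt() interface EncryptedSocket expects.
    Hypothetical stdlib-only construction: HMAC-SHA256 as a PRF in counter mode for the
    keystream, a random nonce per message, and an encrypt-then-MAC tag under a separate key."""
    def __init__(self, key: bytes):
        self.enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()  # derived subkeys
        self.mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    def _keystream(self, nonce: bytes, length: int) -> bytes:
        blocks = (hmac.new(self.enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range((length + 31) // 32))  # 32 bytes of PRF output per counter
        return b"".join(blocks)[:length]
    def encrypt(self, msg: bytes) -> bytes:
        nonce = secrets.token_bytes(16)
        body = bytes(a ^ b for a, b in zip(msg, self._keystream(nonce, len(msg))))
        tag = hmac.new(self.mac_key, nonce + body, hashlib.sha256).digest()
        return nonce + body + tag  # wire format: nonce(16) || ciphertext || tag(32)
    def decrypt(self, blob: bytes) -> bytes:
        if len(blob) < 48:
            raise ValueError("too short to carry nonce and tag")
        nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
        expected = hmac.new(self.mac_key, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time check before decrypting
            raise ValueError("authentication failed: message modified in transit")
        return bytes(a ^ b for a, b in zip(body, self._keystream(nonce, len(body))))

class EncryptedSocket:  # wrapper in the shape the mail describes (hypothetical, not pyzmq's)
    def __init__(self, transport, cipher):
        self.transport, self.cipher = transport, cipher  # transport: send(bytes), recv() -> bytes
    def send(self, msg: bytes, encrypt: bool = True) -> None:
        self.transport.send(self.cipher.encrypt(msg) if encrypt else msg)
    def recv(self, decrypt: bool = True) -> bytes:
        data = self.transport.recv()
        return self.cipher.decrypt(data) if decrypt else data

class LoopbackTransport:  # constructed in-memory stand-in for a 0MQ socket pair (runs offline)
    def __init__(self): self.queue = []
    def send(self, data: bytes) -> None: self.queue.append(data)
    def recv(self) -> bytes: return self.queue.pop(0)

def roundtrip(msg: bytes, tamper: bool = False) -> bytes:
    """Round-trip msg through an EncryptedSocket; tamper=True flips one ciphertext byte first."""
    transport = LoopbackTransport()
    sock = EncryptedSocket(transport, AuthenticatedCipher(b"constructed shared secret"))
    sock.send(msg)
    if tamper:
        blob = transport.queue[0]
        transport.queue[0] = blob[:16] + bytes([blob[16] ^ 0x01]) + blob[17:]
    return sock.recv()  # raises ValueError when the tag no longer matches
```

A cipher that only XORs or block-encrypts without a tag would return silently corrupted plaintext in the tampered case; the wrapper itself cannot tell the difference, so this property has to live in the cipher object.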
