Python: encryption as means to prevent data tampering -

-

Many of my company's customers use our data acquisition software on a research basis. In general, due to the nature of research, some customers ask that data is encrypted to avoid tampering - if their data has been proved incorrect, then there may be serious impact.

Encrypts output files with a password stored in some of our binary software sources, which looks like random characters. At the software level, we are able to open encrypted files only for read-only. If someone wanted to know the password actually so that they could change the data, it would be possible, but this would be a lot of work

I got another piece of software for faster development I'm looking at using Python. To duplicate the functionality of encryption to lose / disappoint the data tampering, the best thing I have ever done with it, is to just write ctypes to read / write files to DLL , So that the method is "sufficient" obfuscated for encryption and decryption.

We are well aware that an "irreversible" method is unattainable, but simultaneously I am not comfortable with the encryption / decryption approach sitting in the python in plain text in the source code of a "data tampering Very strong disappointment "would be good enough, I think.

What is the best way to obtain other evidence of data integrity using a happy medium of encryption or using Python? / Strong> I talked about the creation of "proof of compromise", but if a signature was created in pure Python then it would be trivial to generate signatures for any arbitrary data. We may be able to call at home to prove the data integrity may be , but it seems that there is a major disadvantage for everyone involved.

As a general principle, you do not want to use encryption to protect against tampering, Instead you want to use digital signatures. Encryption gives you privacy , but you are behind integrity .

Calculate a hash value on your data and store the value at the place where you know it can not be tampered with or it can not be digitally signed.

It seems that you want to ensure that only files in your software can be generated? As you say, after your users have access to the software, they can not really exist in a safe way because they can isolate it and tear it apart and get any secret key you have included You can. Given that the obstacle, I think your idea of ​​using a DLL is as good as you can.


Comments

Post a Comment

Popular posts from this blog

c# - ListView onScroll event -

-
I am programming a simple C # application, and I need a Scallow event on the list view. So I inherited the original ListView class created in ListviewEx witch. I found out how to locate the scroll message from WinAPI and I modified the WndProc method. Now I have this WndProc: protected override zero WndProc (Ref message message) {base.WndProc (Ref I); If (m.msg == WM_VSCROLL) {onScroll (This, New EventArgs ()); }} But the problem is, I do not know how to know about scrolling information. This data should be in wParam, but there is a LOWORD macro ++ like in C in C # and I switch to find the criteria like SB_ below, SB_ENDSCROLL, SB_PAGEUP etc. there any way Need to change the LOWORD macro from C #? Or any other way to find the necessary parameters about scrolling? You can define the WParam constants as the following: Private const int WM_HSCROLL = 0x114; Private Constant WM_VSCROLL = 0x115; Private contact int SBHOZZ = 0; Private Consultant SB_VERT = 1; Private Con...
Read more

PHP - get image from byte array -

-
I am trying to create a back-end for my mobile application. I am sending the content of an image in the body of the HTTP request (output stream) as a byte array, I want to read this stream of bytes in PHP scripts and take back an image. Can anyone tell me how can I do this? Thank you. You can obtain the request body $ body = Reading from file_get_contents ('php: // input'); What you do with that data Depending on you, you can write the data in a file as you mentioned that this is image data, you can drop the data into the object can do. Another option is to use and load the image.
Read more

Linux Terminal Problem with Non-Canonical Terminal I/O app -

-
I have a small app written in C to run on Linux. Part of the app accepts user-input from keyboard , And it uses non-canonical terminal mode so that it can respond to each keystroke. The section of the code that accepts input is a simple task that is called repeatedly in the loop: char get_input () {char C = 0; Int res = reading (input_tamille, & amp; c, 1); If (RSS == 0) 0 returns; If (res == -1) {/ * snip error handling * /} return c; } It reads a letter from the terminal if there is no input within a given time limit, (c_cc [VTIME] value in the vocabulary structure), read () 0 And get_input () is called again It all works very well, I have recently discovered that if you run this app in a terminal window, and then the app Close the terminal window without ending, the app will not exit Received, but CPU intensive launches into an infinite loop, where the read () returns 0 without waiting continued. So how can I get out of the apple if it runs from the terminal win...
Read more