search

pyca / cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
https://cryptography.io
Other
6.68k stars 1.54k forks source link

Add "safe" (non-hazmat) implementation of AES 128 GCM suitable for HTTP Encrypted Content-Encoding #2493

Closed Lukasa closed 8 years ago

Lukasa commented 8 years ago

This is motivated by the HTTPBis working group making a call for adoption of the Encrypted Content-Encoding for HTTP draft specification. This draft describes the following:

It is sometimes desirable to encrypt the contents of a HTTP message (request or response) so that when the payload is stored (e.g., with a HTTP PUT), only someone with the appropriate key can read it.

For example, it might be necessary to store a file on a server without exposing its contents to that server. Furthermore, that same file could be replicated to other servers (to make it more resistant to server or network failure), downloaded by clients (to make it available offline), etc. without exposing its contents.

These uses are not met by the use of TLS, since it only encrypts the channel between the client and server.

This document specifies a content-coding (Section 3.1.2 of RFC7231) for HTTP to serve these and other use cases.

I am interested in implementing support for this content-encoding for Python HTTP clients and web frameworks. However, I'd like to avoid constructing too much of the cryptography myself. For that reason, it'd be useful if we could promote another symmetric encryption approach to "safe", along with Fernet.

It's possible that this is not appropriate for cryptography (for example, you may not want to have such a situationally-specific implementation in cryptography proper). If that's the case, let me know and I'll pursue implementing it outside of cryptography (but possibly inside PyCA).

alex commented 8 years ago

Finally looking at this substantively, I'm not sure this is a good fit for cryptography itself. As far as I can tell, it's a brand new standard, with no widespread adoption, that implements the same operation as an existing recipe.

Lukasa commented 8 years ago

To be clear @alex, the existing recipe in this case is Fernet, yes?

alex commented 8 years ago

Yeah, it's the existing symetric authenticated encryption recipe.

On Sat, Mar 5, 2016 at 11:24 AM, Cory Benfield notifications@github.com wrote:

To be clear @alex https://github.com/alex, the existing recipe in this case is Fernet, yes?

— Reply to this email directly or view it on GitHub https://github.com/pyca/cryptography/issues/2493#issuecomment-192681043.

"I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084

Lukasa commented 8 years ago

Ok, that makes sense to me.

Let's put a pin in this for now: I'll pursue implementing this outside of cryptography, and we can revisit if this standard takes off.

reaperhulk commented 8 years ago

I'm going to go ahead and close this for now. We can reopen if/when it becomes more significant.