Cryptography
Note:
Cryptography is often confused with hashing. Cryptography is bidirectional whereas hashing is one-way.
PyCrypto is a commonly used crypto library for Python. Because PyCrypto is fairly low level, many choose to use an additional layer on top of it, such as Keyczar or ezPyCrypto.
Other crypto libraries include M2Crypto and evpy, both of which are wrappers around OpenSSL.
What Should I Encrypt?
What you should encrypt depends on your application and the sensitivity of the data, and there are few hard lines to be drawn. Be mindful of what users would consider sensitive. Imagine what an attacker could do if they gained access to the whole database.
What to encrypt is highly application-specific. For example, if you have a website with medical information for patients, you need to use transport layer encryption as well as encrypt all patient information in the persistence layer.
Some things that should be encrypted:
- Password retrieval questions and answers
- Social Security numbers
- Credit card numbers
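The note on encryption versus hashing and the advice to encrypt data in the persistence layer, as an added example that is not part of the original wiki page. It uses Fernet from the `cryptography` package (not one of the libraries named above); the table layout, function names and sample record are assumptions made for illustration.

```python
import hashlib
import sqlite3

from cryptography.fernet import Fernet  # third-party package, assumed installed

SENSITIVE = ("ssn", "card_number")  # two of the fields the page says to encrypt
SAMPLE = {"name": "Jane Doe", "ssn": "000-12-3456", "card_number": "4111111111111111"}  # constructed


def open_store():
    """In-memory SQLite table standing in for the persistence layer (assumed layout)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE patients (name TEXT, ssn BLOB, card_number BLOB)")
    return db


def save_patient(db, fernet, record):
    """Encrypt the sensitive fields first, so plaintext never reaches the table."""
    row = dict(record)
    for field in SENSITIVE:
        row[field] = fernet.encrypt(row[field].encode("utf-8"))
    db.execute("INSERT INTO patients VALUES (:name, :ssn, :card_number)", row)


def raw_row(db, name):
    """What someone holding a copy of the database sees: ciphertext tokens only."""
    return db.execute("SELECT ssn, card_number FROM patients WHERE name = ?", (name,)).fetchone()


def load_patient(db, fernet, name):
    """Bidirectional: the key recovers the plaintext; a wrong key raises InvalidToken."""
    stored = raw_row(db, name)
    if stored is None:
        raise KeyError(name)
    record = {"name": name}
    for field, token in zip(SENSITIVE, stored):
        record[field] = fernet.decrypt(token).decode("utf-8")
    return record


def fingerprint(value):
    """Hashing, for contrast: one-way, usable for comparison but never reversible."""
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    box, db = Fernet(Fernet.generate_key()), open_store()
    save_patient(db, box, SAMPLE)
    print(raw_row(db, "Jane Doe"), load_patient(db, box, "Jane Doe"))
```

The demo generates its key in-process only to stay self-contained; in a deployment the key is kept outside the database it protects, otherwise a copy of the database carries the means to decrypt it.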
Wiki content is available under a Creative Commons 3.0 License.
