I've recently created a personal project for encrypting (and decrypting) files and text using Python's Cryptography Library. But I'm not entirely sure if it is the most secure one out there for AES Encryption. Should I trust the library or should I use something else?
Also, using which language would be the fastest in context of both run time and encryption/decryption time if I were to create this in other languages?
Hey there!
In the past few months, I've fallen in love with Clojure. As a learning exercise for the language and its interop, I decided to dive in by working on a cryptography library. It acts as a wrapper for the built-in CSPRNGs and cryptography APIs on the JVM, on Node, and in browsers.
Version 0.1 supported generating a variety of random values (like secrets.clj), 0.2 added support for symmetric encryption with AES-GCM and key derivation with PBKDF2, and I just released 0.3 with RSA support and converting encryption operations to be async for platform parity.
One of the interesting features of uniformity is what I refer to as 'cryptopacks'.
uniformity.crypto.cryptopack/encrypt outputs a self-describing format of metadata
and the ciphertext - as a map, JSON, or messagepack. It allows for multiple keys
and key types to be provided, acting as slots of key encryption keys for a random
data encryption key.
From the docstring:
;; Basic example:
(def password "A strong password")
(encrypt "Attack at dawn" :password password)
;; Advanced example:
(def backup-key (rand-bytes 16))
(encrypt "hello world"
:password ["foo" "bar"]
:aes-key backup-key
:output :msgpack
:padding 16)
Some of the internals are a mess and there's definitely a lot I would have to do for a 1.0 release - including hopefully adding CLR support - but I feel like I've learned a lot so far.
Feedback welcome: https://github.com/skinkade/uniformity
This weekend, I was learning the Template way of String formatting in Python. I felt like doing a performance comparison of all String Comparison Methods.
Theoretically, we know that since f-strings are evaluated at runtime, they are faster than other formatting techniques.
I confirmed it using timeit module in Python.
Example 1 - timeit with the % operator
from timeit import timeit
str1 = """
name = "Pylenin"
language="Python"
age = 29
str1 = "Hello, I am %s. "\
"I love %s. "\
"I am %d years old."%(name, language, age)
print(str1) """
print(timeit(str1, number=10000))
The above code took 0.2817505 secs.
Example 2 - timeit with string.format() method
from timeit import timeit
str1 = """
name = "Pylenin"
language="Python"
age = 29
str1 = "Hello, I am {0}. "\
"I love {1}. "\
"I am {2} years old.".format(name, language, age)
print(str1)
"""
print(timeit(str1, number=10000))
The above code took 0.3652804 secs.
Example 3 - timeit with String Template Class
from timeit import timeit
str1 = """
from string import Template
name = "Pylenin"
language="Python"
age = 29
str1 = Template("Hello, I am $name. "\
"I love $language. "\
"I am $age years old.")
print(str1.substitute(name=name, language=language, age=age))
"""
print(timeit(str1, number=10000))
The above code took 0.1888825 secs.
Example 4 - timeit with f-strings
from timeit import timeit
str1 = """
name = "Pylenin"
language="Python"
age = 29
str1 = f"Hello, I am {name}. "\
f"I love {language}. "\
f"I am {age} years old."
print(str1)
"""
prinI found a few topics about this, but when everybody is recommending their own self hosted option there is a lot of work to determine which features they have.
I really want to export my iCloud Photo Library to a self hosted solution, but I have no idea which one. I tried Synology Photos but it lacks .xmp file import, so it will be a ton of work to edit all times and locations properly. What is out there?
There are a great number of reactions, thanks. There are a lot of options but they all miss one or both dealbreakers: hevc/heic support + importing of xmp sidecar files.
Synology Photos this would be an easy option as it comes with DSM7.
Pros: simple, pretty good interface, iOS apps, smart albums, face tagging, hevc and heif import
Cons: no .xmp file import, no auto import folder, no batch editing (location).
GitHub Repo : GuptaAyush19/Vigenere-Cipher
PyPi : https://pypi.org/project/vigenere/
Open to suggestions and contribution.
Overview
The Vigenere cipher is a method of encrypting alphabetic text by using a series of interwoven Caesar ciphers, based on the letters of a keyword. It employs a form of polyalphabetic substitution.
Installation
This library uses python3 which can be download fromΒ here. After installing python, use pip to install the package.
$ pip install vigenere
No external dependencies required in this version.
With the increase in teletherapy due to the pandemic, I have seen a lot of SLPs interested in sibscription services for digital materials. I work in a school (K-12) and have been able to try SLP Now, Super Duper, and Ultimate SLP for months now so I feel as though I have a ton of thoughts about each. Thought it would be helpful to give an in-depth review and comparison of each.
SLP Now SLP Now is a subscription that provides therapy materials/activities that are all literacy based. It also has the "Academy" which has some PD (the Fluency School PD was especially useful to me). There are monthly themes and materials are nicely organized.
PROS
-
Huge variety and massive library
-
Everything is evidence based! There are handouts summarizing the research behind materials, which is awesome because it makes you sound smart when you are explaining to parents the evidence behind literacy based therapy.
-
The user interface is asthetically pleasing and easy to navigate. I like the graphics used too.
-
Variety of ways to access materials: printables, boom cards, google slides, and smart decks
-
The visuals and graphic organizers are incredible teaching tools. I have a ton printed out and I send them home to families so they have a reference too. I LOVE the teaching tools and how it isi all organized!
-
Covers all age ranges (pre K - 12th grade) and has age appropriate materials
-
Materials for secondary students are great because they go along with articles that you can access for free from Read Works.
-
The books and articles featured are all pretty engaging. I like what they chose to make materials for.
-
Amazing for mixed groups! Each book/article has activties and practice for a variety of goals in the packet. For example, the packet of materials that go along with an article will have activites for main idea/details, compare/contrasting, antonyms/synonyms, inference & wh questions, and multiple meaning words all in one.
-
I have not used this feature too much, but there are caseload organizer tools on there! You can log your students, their day/time (like a google calendar), add their goals, and track data. You can save materials for specific students and record data through the website. I actually love the data tracker (it's a plus minus counter that comes up with a percentage for you). You can save the data from each session and it can generate a graph for you too so you can see how your student is progressing over time. Only thing is
I always wondered, why C++ standard lacks of cryptographic primitives being standardized by NIST long time ago. Even of those, which became widely known and literally immortal. So here is the answer I figured: generic programming and cryptography are quite hard to marry. The first point is about being as abstract as it could be, second point is about being as particular as it could be.
But I also always wanted to encrypt/decrypt like this:
std::vector<std::uint32_t> in = {\x0123, \0x23145}, out; std::encrypt<std::cipher::aes>(in, out); std::decrypt<std::cipher::aes>(out, in);
Or sign/verify like this:
std::string in = "Message", sig, key = "12345"; std::sign<std::signature::ecdsa>(in, key, sig); bool valid = std::verify<std::signature::ecdsa>(sig, key);
I also always wanted to have an extensible cryptography suite. So I could easily embed my new super fancy hash in there simply complying to some concept, constructing the scheme from ready to use components (e.g. Merkle-Damgard or Sponge constructions) with simply substituting classes to templates. So, you can do that now.
Do you want to know what I also always wondered? Why don't we have a C++ collection of classic-notion cryptography (ciphers, hashes, kdfs etc) along with modern constructions (ZK-cryptography, Verifiable Delay Functions, threshold cryptography)? So, now we have it. Work in progress, but still better than nothing.
So here is the motivation. And here is the implementation: https://github.com/nilfoundation/crypto3.git. Check it out. You can do encryption/hashing/encoding like this:
using namespace nil::crypto3; std::string in = "Message", res; encrypt<ciphers::rijndael<128, 256>>(in.begin(), in.end(), res);
Or like this:
using namespace nil::crypto3; std::array<std::uint8_t, 256> in, out; in.fill(1); hash<hashes::sha3>(in, out);
And yes, there is a Boost-ified version in here: https://github.com/nilfoundaton/boost-crypto3.git. And the discussion in Boost mailing list in here: https://lists.boost.org/Archives/boost//2020/09/249672.php.
I would really like to keep the introduction post short and simple, so I'm going to keep taking a look from time to time at this thread to reply to any further questions.
