tags:

views:

436

answers:

3
+1  Q: 

UDP packet encryption

This appears to be reasonably trivial if using the ssl module for TCP communication, but how would encrypted communication be done via UDP?

Can the ssl module still be used? if so, what steps would need to be performed for the client and server to be in a position where data can be sent to-and-fro as normal?

+4  A: 

DTLS is a TLS (aka SSL) derivative designed for use over datagram transports, like UDP.

OpenSSL supports DTLS starting in 0.9.8, using DTLSv1_METHOD instead of SSLv23_METHOD or TLSv1_METHOD or similar.

ephemient  2010-01-14 15:45:24
It doesn't look promising, I'm have a poke around the pyOpenSSL documentation at the moment and DTLSv1_METHOD isn't listed alongside the SSLv23 and TLSv1 methods.
gridzbi  2010-01-14 16:04:10
Argh, you're right. The ChangeLog implied that DTLS constants were added, but I checked out the sources now and DTLSv1_METHOD isn't there. It looks like it could be easy to add, though. [edit] https://bugs.launchpad.net/pyopenssl/+bug/454737
ephemient  2010-01-14 16:31:52
A: 

If you want to send encrypted data using UDP, I would advise against it for one reason. UDP is a connectionless protocol, meaning that you have no guarantuee or way of knowing that your packets are being received at the other end. I don't know about you, but I find that a bit of a security concern. Since you're dealing with encryption, I guess security is a concern.

Tony  2010-01-14 15:48:06
Not relevant to the question, and that is not a security concern. Even TCP doesn't guarantee delivery, it just tries really hard.
GregS  2010-01-16 00:28:58
A: 

You could use pyCrypto or ezPyCrypto to manually encrypt/decrypt the packets.

jbochi  2010-01-14 15:48:56
How? Do this individually per packet? Huge overhead (especially given datagram's size limitations) with public and keys included in every packet. Work at a higher level and split up the results into multiple packets? Nope, UDP is unreliable and dropping/reordering will screw up your decryption stream.
ephemient  2010-01-14 15:57:49

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python