tags:

views:

99

answers:

1
+6  Q: 

Strategies for Encryption with Django + Postgres?

I'm going to be storing a few sensitive pieces of information (SSN, Bank Accounts, etc) so they'll obviously need to be encrypted. What strategies do you recommend?

Should I do all the encryption/decryption in the web app itself? Should I use something like pgcrypto and have the conversions done on the DB side? Something else entirely?

Also, if you think I should do encryption on the web app side, what Python libraries would you recommend?

+1  A: 

What are you protecting against? If attacker would get access to your DB/filesystem, he would find how you decrypt data & keys. Hiding your encription key is not an easy task (and rarely implemented in "usual" applications).

I would spend more time on protecting the server and fixing all general security issues.

BarsMonster  2010-09-03 13:42:14
I agree, and I'm planning to use a fully managed service to run my production setup for precisely that reason -- I know just enough about linux system administration to know how little I know :)That being said, I'd still like to encrypt the fields. I view it as the same type of activity as locking the doors to your house. It's still pretty easy to break in, but it adds a bit of a deterrent.
Adam Levy  2010-09-03 13:51:50
BarsMonster  2010-09-03 14:09:11
I guess you can also put your key in some wird location, so when blindly copying root of your site, attacker would not get the key.
BarsMonster  2010-09-03 14:10:51
When you say "AES from standard Python library", what library are you referring to? Does Python ship with a library for AES encryption? Most of the recommendations I've seen are for pycrypto (3rd party).
Adam Levy  2010-09-03 15:43:13
http://www.amk.ca/python/code/crypto.htmlOps, actually not in a standard libs, but recommended.
BarsMonster  2010-09-03 16:00:03

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python