pyope

Release 0.2.2

Implementation of symmetric order-preserving encryption scheme

Homepage Repository PyPI Python

Keywords
cryptography, encryption, python
License
MIT
Install
pip install pyope==0.2.2

Documentation

pyope

PyPi version Travis build

This is an implementation of Boldyreva symmetric order-preserving encryption scheme (Boldyreva's paper).

Supported Python versions: 2.7 and 3.4+

Disclaimer 1 This is an experimental implementation, which should be thoroughly reviewed and evaluated before using in production and/or sensitive applications.

Disclaimer 2 The Boldyreva scheme is not a standardized algorithm, so there are no test vectors and fixed plaintext-ciphertext mapping for a given key. It means that, generally speaking, a plaintext encrypted with the same key by two different versions of the package might not be equal to each other.

Quick examples

Quick start

from pyope.ope import OPE
random_key = OPE.generate_key()
cipher = OPE(random_key)
assert cipher.encrypt(1000) < cipher.encrypt(2000) < cipher.encrypt(3000)
assert cipher.decrypt(cipher.encrypt(1337)) == 1337

You can specify input and output ranges. Otherwise, default input (0..2^15-1) and output (0..2^31-1) ranges are used.

from pyope.ope import OPE, ValueRange
cipher = OPE(b'long key' * 2, in_range=ValueRange(-100, 100),
                              out_range=ValueRange(0, 9999))
assert 0 < cipher.encrypt(10) < cipher.encrypt(42) < 9999

About order-preserving encryption

Order-preserving encryption (OPE) allows to compare ciphertext values in order to learn the corresponding relation between the underlying plaintexts. By definition, order-preserving encryption methods are less secure than conventional encryption algorithms for the same data sizes, because the former leak ordering information of the plaintext values.

How can OPE be useful? For example, some systems may need OPE to perform a certain set of queries (such as range SQL queries) over encrypted data. These systems include CryptDB and Monomi to name a few.

Security

As mentioned above, security guarantees for Boldyreva's schema are weaker than those of deterministic encryption schemes, but security can still be improved if the encryption keys are long enough. It is advised to use randomly generated keys at least 256 bits long.

Running tests

PyTest is used as a test framework. Run all tests:

$ py.test tests/

TODO

  • More tests
  • Optimize performance
  • Security guarantees?

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
2
Total releases
6
Latest release
First release
Stars
24
Forks
7
Watchers
4
Contributors
3
Repository size
49.8 KB
SourceRank
8

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.2.2
0.2.1
0.2.0
0.1.1
0.0.2
0.0.1

Contributors

Anton Ovchinnikov Pavel Sviderski v


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2023-12-02 17:54:43 UTC

Login to resync this project