From ebaa68ad512769bf9a235e3dff6fc1801591170e Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Thu, 30 Jun 2022 08:45:20 -0400 Subject: [PATCH] Island: Add TODO about cryptography.fernet --- .../cc/server_utils/encryption/key_based_encryptor.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/monkey/monkey_island/cc/server_utils/encryption/key_based_encryptor.py b/monkey/monkey_island/cc/server_utils/encryption/key_based_encryptor.py index 41c8b0db2..630094989 100644 --- a/monkey/monkey_island/cc/server_utils/encryption/key_based_encryptor.py +++ b/monkey/monkey_island/cc/server_utils/encryption/key_based_encryptor.py @@ -27,6 +27,10 @@ class KeyBasedEncryptor(IEncryptor): def __init__(self, key: bytes): self._key = key + # TODO: Let's use cryptography.fernet. It's simpler for us and we're less likely to screw + # something up. The main drawback to fernet is that it uses AES-128, which is not + # quantum-safe. At the present time, human error is probably a greater risk than quantum + # computers. def encrypt(self, plaintext: str) -> str: cipher_iv = Random.new().read(AES.block_size) cipher = AES.new(self._key, AES.MODE_CBC, cipher_iv)