How to secure, break, and re-secure an encrypted data vault using Python and PostgreSQL
Make sure sensitive data is accessible only to the right people at the right time.
See this talk and many more by getting your ticket to PyCon AU now!
You’ve got sensitive customer data you need to protect in your Python web service.
You’ve done all the right things to secure it — using SQLAlchemy to sanitise inputs to your SQL queries, HTTPS with Let’s Encrypt, and Semgrep in your CD pipeline.
You’ve even gone the extra mile — using cryptography and SQLAlchemy’s StringEncryptedType to encrypt each row of data with AES.
But you have a lingering feeling that it’s all not quite enough. So how do you shake that feeling?
One of the best ways to understand a system is to break it and rebuild it. That is what we’re going to do in this session.
In this workshop you’ll learn:
- How to secure, break, and then re-secure an encrypted data vault built using Python and PostgreSQL
- The cryptography fundamentals you need to pay attention to, and the ones you don’t
- Plus: how quantum safety should affect how you encrypt data today
Dan is the CEO and founder of CipherStash, which provides a highly secure, frictionless data protection platform that works everywhere sensitive data is stored. Dan is a life-long techie and nerd, and is proudly neuro-spicy, having been diagnosed with ADHD at the age of 40. Dan’s obsession for the past 8 years has been cryptography and the powerful ways it can be used for data protection and privacy.