convore.json/groups/django-community/securely-storing-private-data-retrievably/messages.json

[{"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297342314.676142, "message": "What's the best way to store a user's private data in a way that is actually retrievable (ie, not SHA1 + salt). For example: API keys to other services.", "group_id": 81, "id": 68873}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297344870.14012, "message": "Yeah, I was inspired to actually look through the documentation and discovered a bunch of great stuff I hadn't knows about!", "group_id": 81, "id": 69203}, {"user_id": 281, "stars": [], "topic_id": 3527, "date_created": 1297343983.842448, "message": "yes, it seems to be actively maintained but stable (last commit ~last november) and I'm sure the google security team knows crypto much better than I do", "group_id": 81, "id": 69093}, {"user_id": 563, "stars": [], "topic_id": 3527, "date_created": 1297345058.195946, "message": "stop it. you're distracting me from my work damnit!", "group_id": 81, "id": 69222}, {"user_id": 281, "stars": [], "topic_id": 3527, "date_created": 1297343665.710933, "message": "keyczar is nice in that it takes care of a lot of stuff that can make doing crytpo well hard (e.g. easy key rotation)", "group_id": 81, "id": 69071}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297344062.2587759, "message": "Excellent, I didn't expect there to be such a ready-made solution already out there. I don't know why I underestimated the community so!", "group_id": 81, "id": 69114}, {"user_id": 281, "stars": [{"date_created": 1297370093.07465, "user_id": 603}, {"date_created": 1297382532.2110889, "user_id": 3751}, {"date_created": 1297438892.6349111, "user_id": 1535}], "topic_id": 3527, "date_created": 1297343625.1261251, "message": "Django command extensions offers an \"encrypted field\" which uses google's Keyczar (http://code.google.com/p/keyczar/) to handle the encryption", "group_id": 81, "id": 69065}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297343870.1557031, "message": "Ah, very cool! Would you trust important API keys to it? Important as in, misuse of them could cost you money and/or be destructive of your important data?", "group_id": 81, "id": 69085}, {"user_id": 281, "stars": [], "topic_id": 3527, "date_created": 1297344079.301024, "message": "the DB field stuff I wrote and it's a fairly straightforward use of keyczar so it should be relatively safe, that being said that specifically hasn't had too much explicit review", "group_id": 81, "id": 69121}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297344238.7610381, "message": "Well I've (obviously) got an application in mind, so I'll be checking it out. But as you said, Google certainly knows crypto better...", "group_id": 81, "id": 69135}, {"user_id": 563, "stars": [], "topic_id": 3527, "date_created": 1297344816.0282431, "message": "wow. I didn't know that was in command extensions. Thanks @SeanOC", "group_id": 81, "id": 69198}, {"user_id": 5177, "stars": [], "topic_id": 3527, "date_created": 1297346880.220175, "message": "That is specifically for passwords but the concepts can be reused", "group_id": 81, "id": 69525}, {"user_id": 5177, "stars": [], "topic_id": 3527, "date_created": 1297346859.89165, "message": "https://github.com/playfire/django-bcrypt/", "group_id": 81, "id": 69521}, {"user_id": 5177, "stars": [], "topic_id": 3527, "date_created": 1297346826.2718949, "message": "Playfire have released something around this", "group_id": 81, "id": 69516}, {"user_id": 5463, "stars": [], "topic_id": 3527, "date_created": 1297347577.2531509, "message": "Isn't bcrypt one-way?", "group_id": 81, "id": 69614}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297347741.7980051, "message": "@treo I don't think so, isn't it one of the algorithms used for harddrive encryption?", "group_id": 81, "id": 69640}, {"user_id": 5463, "stars": [], "topic_id": 3527, "date_created": 1297348220.441361, "message": "@gthank that probably is the better idea, I have had some fun in implementing rsa in clojure, but I wouldn't want to actually use my own implementation :)", "group_id": 81, "id": 69709}, {"user_id": 1243, "stars": [], "topic_id": 3527, "date_created": 1297347834.157938, "message": "@treo As typically used, yes. Technically, bcrypt is built on a key-derivation algorithm (originally used by blowfish), so you could probably take the output from bcrypt and use it as the secret key for an encryption algorithm.", "group_id": 81, "id": 69651}, {"user_id": 1243, "stars": [], "topic_id": 3527, "date_created": 1297347999.2565889, "message": "@treo I wouldn't use it that way, though. I try to avoid using crypto primitives like that if I can get a library to put them together for me.", "group_id": 81, "id": 69668}, {"user_id": 5463, "stars": [], "topic_id": 3527, "date_created": 1297347892.1498361, "message": "ah, ok that makes sense", "group_id": 81, "id": 69660}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297347527.0963161, "message": "@danhilton interesting, I'll check that out too!", "group_id": 81, "id": 69608}, {"user_id": 228, "stars": [], "topic_id": 3527, "date_created": 1297365260.9195099, "message": "i'd use blowfish just because i sound like a jack bauer badass when i get to say \"yeah i'm using blowfish for that\"", "group_id": 81, "id": 72911}, {"user_id": 228, "stars": [], "topic_id": 3527, "date_created": 1297365282.3724689, "message": "...but @SeanOC's answer isprobably the way to go", "group_id": 81, "id": 72920}, {"user_id": 2024, "stars": [], "topic_id": 3527, "date_created": 1297366473.7716839, "message": "@jacob it sounds a bit too much like a John Travolta movie to me. :)", "group_id": 81, "id": 73322}]