To put it another way, the AES block cipher you're using is not going to be the "weak link" in the chain that comprises your delivered application.
Software encryption is apparently quite difficult to implement properly, though. There are a lot of places for keys or sensitive data to unknowlingly (to you) end up on a complex OS, including temporary files (even unlinked ones), swap space, and RAM.
To speak to your questions / points:
Quote:
Originally Posted by tangle
I have written a program to encrypt a file using AES encryiption in Python using PyCrypto. Is there a way to test the encryption? I would like to be sure that it is working the way it should.
|
As mentioned by the other folks, if symmetric key + cipher can successfully decrypt ciphertext, then you've confirmed symmetric key + cipher were used to encrypt the plaintext.
Quote:
Originally Posted by tangle
I want to test to see if it can be easily broken.
|
Totally depends on context. The way you've implemented the encryption, and the way any third-party modules you're using have implemented the encryption, will determine whether it can be easily broken. (But, again, it's not going to be easily broken by someone performing a cryptanalysis on AES any time soon. Not when there is much lower hanging fruit.)
If you need substantial advice and direction on this topic, then I recommend both of:
- Cryptography Engineering by Schneier and Kohno
- Applied Cryptography by Schneier
There's not an easy answer. Deep, fundamental understanding will aid you in developing "good" software encryption.