[PYTHON-CRYPTO] aes library
bryan at EEVOLVED.COM
Thu Apr 4 18:53:36 CEST 2002
[ Perhaps the Reply-To headers of this list ought to direct replies to the
list rather than the sender? ]
On Thursday 04 April 2002 04:31 am, you wrote:
> I'm fairly optimistic about getting an AES-based encryption module
> accepted, since they already have that silly rotor module. I worry
> more about getting a platform-dependent CPRNG accepted, and we need both.
What about platform-independent CPRNGs we could implement in pure Python?
Like high-resolution timers and thread races that get their entropy from
> Fair enough. If you're ok with it being the basis of a more general
> purpose AES module, I guess we can start hacking it.
Great. Do you think CVS would be needed? Who will be collaborating?
> Do you think that implementation is better (faster?) than a
> straightforward implementation in Python using Python long ints or
> gmpy, in characteristic p, maybe with projective coordinates?
To be honest with you Paul, I couldn't tell you if a pure Python
implementation would be faster or not. I can guess that a GF2^N polynomial
basis implementation in Python would be slower and an ONB or GF(p)
implementation might be faster, depending mostly on the speed of Python's
long int code. When I started this Cryptkit thing a year ago, I really didn't
have the time, nor the mathematics needed to implement in pure Python,
although I have thought about it. However, now it seems like an interesting
course of action, especially with projective coordinates :-)
> I just looked at the cryptsock.py code and immediately notice:
> 1) it uses cPickle to deserialize messages, which has a security
> hole (see current pickle docs) if the peer is hostile.
Yes, this is a problem I am aware of. There are other problems as well if you
keep looking :-)
> 2) It appears to do an ECC signature on every message--why do that,
> if there's a shared secret key for the session? Just put a
> checksum underneath the secret-key encryption.
Very good point, thank you Paul.
Looking forward to working out an AES API...
--
"The only thing that interferes with my learning is my education."-- Einstein
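
Added example, not part of the original message and not code from cryptsock.py: a sketch of the two review points above, authenticating each message with a keyed MAC under the session's shared secret instead of a per-message ECC signature, and parsing the body with JSON rather than cPickle so a hostile peer cannot trigger code execution on load. The frame layout, the names `seal`, `open_frame` and `AuthError`, and the use of HMAC-SHA256 are assumptions made here; the encryption layer is left out.

```python
import hashlib
import hmac
import json
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes


class AuthError(Exception):
    """Raised when a frame fails authentication or is malformed."""


def seal(mac_key: bytes, seq: int, message: dict) -> bytes:
    """Serialize message as JSON and append an HMAC tag over seq || body."""
    body = json.dumps(message, sort_keys=True, separators=(",", ":")).encode("utf-8")
    header = struct.pack(">Q", seq)  # 8-byte big-endian sequence number
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag


def open_frame(mac_key: bytes, expected_seq: int, frame: bytes) -> dict:
    """Verify the tag first; only then parse the (data-only) JSON body."""
    if len(frame) < 8 + TAG_LEN:
        raise AuthError("frame too short")
    header, body, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise AuthError("bad MAC")
    (seq,) = struct.unpack(">Q", header)
    if seq != expected_seq:
        raise AuthError("unexpected sequence number (replay or reorder)")
    try:
        message = json.loads(body.decode("utf-8"))
    except ValueError as exc:  # covers JSON and UTF-8 decode errors
        raise AuthError("malformed body") from exc
    if not isinstance(message, dict):
        raise AuthError("unexpected message type")
    return message


if __name__ == "__main__":
    key = hashlib.sha256(b"constructed demo session secret").digest()
    frame = seal(key, 0, {"op": "put", "name": "a.txt"})  # constructed message
    print(open_frame(key, 0, frame))
    tampered = frame[:10] + bytes([frame[10] ^ 1]) + frame[11:]
    try:
        open_frame(key, 0, tampered)
    except AuthError as exc:
        print("rejected:", exc)
```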