[PYTHON-CRYPTO] things missing from PEP 272

Bram Cohen bram at GAWTH.COM
Mon Mar 18 18:48:14 CET 2002

Bram Cohen wrote:

> Also, the IV should be passed as an argument to encrypt() and decrypt(),
> not to new().

I should probably explain - reusing IV's is almost always a bad idea and
one of the common gotchas in protocol design. No need to encourage
it. Also, no need to force the overhead of another key setup just to
change IV (not a big deal for AES, but key setup for blowfish (for
example) is glacial.)

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes

More information about the python-crypto mailing list