[PYTHON-CRYPTO] things missing from PEP 272
Paul Rubin
phr-pycrypt at nightsong.com
Mon Mar 18 18:50:39 CET 2002
> Also, the IV should be passed as an argument to encrypt() and
> decrypt(), not to new().
I should probably explain - reusing IV's is almost always a bad
idea and one of the common gotchas in protocol design. No need to
encourage it. Also, no need to force the overhead of another key
setup just to change IV (not a big deal for AES, but key setup for
blowfish (for example) is glacial.)
The IV is an instance variable in the crypto object. You can set it
to a new value without calling new().
More information about the python-crypto
mailing list