[PYTHON-CRYPTO] things missing from PEP 272
bram at GAWTH.COM
Tue Mar 19 02:23:19 CET 2002
> Bram Cohen <bram at GAWTH.COM> wrote:
> > The API for OFB is obvious, but the one for CTR is considerably less so.
> > My suggestion is to have the IV be the first block to be encrypted,
> Err... Wouldn't that mean that if you sent a message consisting of BLOCK0 and
> BLOCK1, and then you sent a message consisting of BLOCK0 and BLOCK2, that both
> messages would be completely readable to a passive eavesdroppper? :-)
Well, yes - you aren't supposed to reuse keys for CTR mode.
"Markets can remain irrational longer than you can remain solvent"
-- John Maynard Keynes
More information about the python-crypto