ezPyCrypto keys

Robert Kern kern at taliesen.caltech.edu
Wed Aug 27 12:43:13 CEST 2003


In article <mailman.1061952360.8539.python-list at python.org>,
	John Hunter <jdhunter at ace.bsd.uchicago.edu> writes:

[snip]

> What's going on?  Is it abnormal for so many of the characters in the
> exported string to be the same?  The machine I am running on is a
> server that rarely has anyone logged in directly.  Is this a problem
> with not enough randomness in /dev/random?

As Heiko suggests, it's just the serialization protocol that is creating
this effect. ezPyCrypto keeps the key as a Python long, pickles it along
with other information, then base64-encodes the resulting string. The
pickled representation of a long doesn't contain the raw bytes; it
contains the string representation, so the pickle contains a lot of
decimal digits rather than a full 0-255 range of bytes. Naturally, this
representation has redundancy which is made more apparent by the
base64-encoding.

All 2048 bits of entropy should still be there.

> Thanks for any suggestions,
> John Hunter

-- 
Robert Kern
kern at caltech.edu

"In the fields of hell where the grass grows high
 Are the graves of dreams allowed to die."
  -- Richard Harter




More information about the Python-list mailing list