What's so funny? WAS Re: rotor replacement

Nick Craig-Wood nick at craig-wood.com
Sat Jan 29 15:30:01 EST 2005

Paul Rubin <http> wrote:
>  An AES or DES addition to an existing module that implements just one
>  call:
>     ECB(key, data, direction)
>  would be a huge improvement over what we have now.  A more complete
>  crypto module would have some additional operations, but ECB is the
>  only one that's really essential.

I would hate to see a module which only implemented ECB.  Sure its the
only operation necessary to build the others out of, but its the least
secure mode of any block cipher.

If you don't offer users a choice, then they'll use ECB and just that
along with all its pitfalls, meanwhile thinking that they are secure
because they are using AES/DES...

For those people following along at home (I'm sure everyone who has
contributed to thread knows this already) I tried to find a simple
link to why ECB is bad, this PDF is the best I could come up with, via
Google's Cache.


Nick Craig-Wood <nick at craig-wood.com> -- http://www.craig-wood.com/nick

More information about the Python-list mailing list