PyCrypto AES MODE_CBC - How to?

M.-A. Lemburg mal at egenix.com
Thu Feb 26 10:27:44 EST 2009 

On 2009-02-25 13:25, Helmut Jarausch wrote:
> Helmut Jarausch wrote:
>> Hi,
>>
>> I've just tried to write a simple example using PyCrypto's
>> AES (CBC mode)
>>
>> #!/usr/bin/python
>> from Crypto.Cipher import AES
>>
>> PWD='abcdefghijklmnop'
>> Initial16bytes='0123456789ABCDEF'
>>
>> crypt = AES.new(PWD, AES.MODE_CBC,Initial16bytes)
>> # crypt = AES.new(PWD, AES.MODE_ECB)
>>
>> txt = 'ea523a664dabaa4476d31226a1e3bab0'
>>
>> c = crypt.encrypt(txt)
>>
>> txt_plain=crypt.decrypt(c)
>>
>> print txt_plain
>>
>> Unfortunately, txt_plain differs from txt - why?
>> (Using MODE_ECB does work however)
>>
> 
> I just discovered that the following variant seems to work
> crypt = AES.new(PWD, AES.MODE_CBC,Initial16bytes)
> c = crypt.encrypt(txt)
> crypt = AES.new(PWD, AES.MODE_CBC,Initial16bytes) # <<< re-initialize
> txt_plain=crypt.decrypt(c)
> 
> So, the crypt object seems to keep some state.
> I haven't seen this mentioned in the documentation.

In CBC mode, all previous encryptions affect the next one,
since the blocks are chained:

http://en.wikipedia.org/wiki/Cipher_block_chaining#Cipher-block_chaining_.28CBC.29

In ECB mode, they are not, but then it doesn't provide much
security unless you change the key frequently:

http://en.wikipedia.org/wiki/Cipher_block_chaining#Electronic_codebook_.28ECB.29

(the wiki pages provide some nice graphics to see what's going
on and why CBC is better than ECB)

-- 
Marc-Andre Lemburg
eGenix.com

Professional Python Services directly from the Source  (#1, Feb 26 2009)
>>> Python/Zope Consulting and Support ...        http://www.egenix.com/
>>> mxODBC.Zope.Database.Adapter ...             http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
________________________________________________________________________

::: Try our new mxODBC.Connect Python Database Interface for free ! ::::


   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611
               http://www.egenix.com/company/contact/

More information about the Python-list mailing list