Authenticated encryption with PyCrypto

geremy condra debatem1 at gmail.com
Tue Jan 26 20:40:08 CET 2010


On Tue, Jan 26, 2010 at 12:37 PM, M.-A. Lemburg <mal at egenix.com> wrote:

<snip>

> You are also using CBC mode, even though you are really after
> ECB mode (your code doesn't use chaining). With ECB mode, you
> don't need the IV string.

However, ECB mode is not as secure- the IV is the right way to go
here.

I'd also note that you aren't supposed to use RandomPool anymore,
and that AES-192 is frequently recommended over AES-256 for
new applications due to a number of recent developments in
the cryptanalysis of its key schedule.

Geremy Condra



More information about the Python-list mailing list