Authenticated encryption with PyCrypto

M.-A. Lemburg mal at egenix.com
Tue Jan 26 16:00:22 EST 2010



geremy condra wrote:
> On Tue, Jan 26, 2010 at 12:37 PM, M.-A. Lemburg <mal at egenix.com> wrote:
> 
> <snip>
> 
>> You are also using CBC mode, even though you are really after
>> ECB mode (your code doesn't use chaining). With ECB mode, you
>> don't need the IV string.
> 
> However, ECB mode is not as secure - the IV is the right way to go
> here.

Right - I forgot that PyCrypto applies the chaining internally
when being passed data of more than 32 bytes.

> I'd also note that you aren't supposed to use RandomPool anymore,
> and that AES-192 is frequently recommended over AES-256 for
> new applications due to a number of recent developments in
> the cryptanalysis of its key schedule.

Do you have pointers for this?

I could only find
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Security
and
https://cryptolux.org/Block

My reading of their FAQ (https://cryptolux.org/FAQ_on_the_attacks)
is that using AES-128 is the way to go (and it's faster too) - at
least for the time being.

-- 
Marc-Andre Lemburg
eGenix.com

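The ECB-versus-CBC point discussed in this message, as an added example that is not part of the original post and is not PyCrypto code: equal plaintext blocks stay visible under ECB, while CBC with a fresh random IV hides them. A toy Feistel block cipher built from HMAC-SHA256 stands in for AES (an assumption, so that the code runs with the standard library only); all function names and the sample plaintext are constructed for illustration.

```python
import hashlib
import hmac
import os

BLOCK = 16  # bytes; same block size as AES
SAMPLE = b"amount=00001000;" * 3  # constructed: three identical 16-byte blocks

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_block(key, block):
    # Toy 4-round Feistel permutation standing in for AES (assumption; not for real use).
    left, right = block[:8], block[8:]
    for i in range(4):
        f = hmac.new(key, bytes([i]) + right, hashlib.sha256).digest()[:8]
        left, right = right, _xor(left, f)
    return left + right

def split_blocks(data):
    if len(data) % BLOCK:
        raise ValueError("no padding here: length must be a multiple of BLOCK")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, plaintext):
    # ECB: each block is encrypted independently, so equal blocks stay equal.
    return b"".join(encrypt_block(key, b) for b in split_blocks(plaintext))

def cbc_encrypt(key, iv, plaintext):
    # CBC: each block is XORed with the previous ciphertext block (the IV first).
    out = [iv]
    for b in split_blocks(plaintext):
        out.append(encrypt_block(key, _xor(b, out[-1])))
    return b"".join(out[1:])

def repeated_blocks(ciphertext):
    blocks = split_blocks(ciphertext)
    return len(blocks) - len(set(blocks))  # blocks that duplicate an earlier one

def compare(key, plaintext=SAMPLE):
    iv1, iv2 = os.urandom(BLOCK), os.urandom(BLOCK)  # fresh random IV per message
    c1 = cbc_encrypt(key, iv1, plaintext)
    return {
        "ecb_repeats": repeated_blocks(ecb_encrypt(key, plaintext)),
        "cbc_repeats": repeated_blocks(c1),
        "fresh_iv_differs": c1 != cbc_encrypt(key, iv2, plaintext),
        "reused_iv_identical": c1 == cbc_encrypt(key, iv1, plaintext),
    }

if __name__ == "__main__":
    print(compare(os.urandom(16)))
```

Neither ECB nor CBC on its own detects modification of the ciphertext.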