[pycrypto] ANN: PyCrypto 2.6 released

Dwayne C. Litzenberger dlitz at dlitz.net
Thu May 24 19:07:32 EDT 2012

PyCrypto 2.6 has been released!

You can download this release from http://www.pycrypto.org/.  It has the 
following SHA256 sums:

7293c9d7e8af2e44a82f86eb9c3b058880f4bcc884bf3ad6c8a34b64986edde8 *pycrypto-2.6.tar.gz
9b64854f69dd7daf06aa8865d6a9699f00687640d77784d4ccc489080637d6f3 *pycrypto-2.6.tar.gz.asc

The git repository is here: https://github.com/dlitz/pycrypto/
The v2.6 commit id is: 373ea760f21701b162e8c4912a66928ee30d401a

Please test it and post your experiences to the PyCrypto mailing list:

      pycrypto at lists.dlitz.net

and/or file bug reports on Launchpad:


Here is the changelog:

  * [CVE-2012-2417] Fix LP#985164: insecure ElGamal key generation.
    (thanks: Legrandin)

    In the ElGamal schemes (for both encryption and signatures), g is
    supposed to be the generator of the entire Z^*_p group.  However, in
    PyCrypto 2.5 and earlier, g is more simply the generator of a random
    sub-group of Z^*_p.

    The result is that the signature space (when the key is used for
    signing) or the public key space (when the key is used for encryption)
    may be greatly reduced from its expected size of log(p) bits, possibly
    down to 1 bit (the worst case if the order of g is 2).

    While it has not been confirmed, it has also been suggested that an
    attacker might be able to use this fact to determine the private key.

    Anyone using ElGamal keys should generate new keys as soon as practical.

    Any additional information about this bug will be tracked at

  * Huge documentation cleanup (thanks: Legrandin).

  * Added more tests, including test vectors from NIST 800-38A
    (thanks: Legrandin)

  * Remove broken MODE_PGP, which never actually worked properly.
    A new mode, MODE_OPENPGP, has been added for people wishing to write
    OpenPGP implementations.  Note that this does not implement the full
    OpenPGP specification, only the "OpenPGP CFB mode" part of that

  * Fix: getPrime with invalid input causes Python to abort with fatal error

  * Fix: Segfaults within error-handling paths
    (thanks: Paul Howarth & Dave Malcolm)

  * Fix: Block ciphers allow empty string as IV

  * Fix DevURandomRNG to work with Python3's new I/O stack.
    (thanks: Sebastian Ramacher)

  * Remove automagic dependencies on libgmp and libmpir, let the caller
    disable them using args.

  * Many other minor bug fixes and improvements (mostly thanks to Legrandin)

Thanks to everyone who helped make this release possible, especially to
Legrandin, who again did most of the work.

- Dwayne

Dwayne C. Litzenberger <dlitz at dlitz.net>
    OpenPGP: 19E1 1FE8 B3CF F273 ED17  4A24 928C EC13 39C2 5CF7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 222 bytes
Desc: Digital signature
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20120524/5d0695d0/attachment.sig>

More information about the pycrypto mailing list