[pycrypto] Typo or bug?

Legrandin gooksankoo at hoiptorrow.mailexpire.com
Tue Jun 26 07:31:15 EDT 2012


>
>
> I think I have it working....
>
>  myiv = "some Random string"   # which is 16 bytes long....
>  encobj = AES.new(secret, AES.MODE_CFB, myiv)
>
> Would someone help me understand what is happening here please?
>
> I'm guessing on both encode and decode the 'myiv' string should be
> identical...
> but I'm unsure?
>
> https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.AES-module.html#new
> shows it in use, but with no explanation?
>
>
Choice of the IV is critical for security.
For CFB, the combination of IV and key must be used only with one message, and
never occur again.
That is explained here:

https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.blockalgo-module.html#MODE_CFB

The IV does indeed need to be shared by the party encrypting and by the party
decrypting the message.

Up to pycrypto 2.5, when no iv was provided to new() a string of zeroes was
automatically used.
Depending on your application, that may or may not be a problem. It is
wiser to always make iv explicit.
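
An added example, not part of the original message and not pycrypto code: a full-block CFB written out by hand to show why a key/IV pair must never repeat, and how sending a fresh random IV with each message lets both parties use the same IV. Assumptions: HMAC-SHA256 truncated to 16 bytes stands in for AES block encryption so the code runs on the standard library alone, and every function name here is hypothetical.

```python
import hashlib
import hmac
import os

BLOCK = 16  # AES block size in bytes


def prf_block(key, block):
    # Assumption: HMAC-SHA256 truncated to 16 bytes stands in for AES block
    # encryption. CFB only uses the cipher's forward direction.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def cfb_encrypt(key, iv, plaintext):
    out, feedback = b"", iv
    for i in range(0, len(plaintext), BLOCK):
        ct = xor_bytes(plaintext[i:i + BLOCK], prf_block(key, feedback))
        out += ct
        feedback = ct  # next keystream block depends on this ciphertext
    return out


def cfb_decrypt(key, iv, ciphertext):
    out, feedback = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        chunk = ciphertext[i:i + BLOCK]
        out += xor_bytes(chunk, prf_block(key, feedback))
        feedback = chunk
    return out


def seal(key, plaintext):
    iv = os.urandom(BLOCK)  # fresh for every message; not secret
    return iv + cfb_encrypt(key, iv, plaintext)  # receiver reads IV from the front


def unseal(key, blob):
    return cfb_decrypt(key, blob[:BLOCK], blob[BLOCK:])


def first_block_xor(c1, c2):
    # Under one key and IV both first blocks share a keystream, so this
    # equals the XOR of the two plaintexts' first blocks.
    return xor_bytes(c1[:BLOCK], c2[:BLOCK])
```

With a fixed IV, `first_block_xor` of two ciphertexts equals the XOR of the two plaintexts' first blocks, so the ciphertexts alone reveal how the messages relate; with `seal` the relation disappears and identical messages encrypt differently.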