[pycrypto] RSA exportKey question

Legrandin helderijs at gmail.com
Wed Jul 3 14:26:05 PDT 2013

I find 3DES is as good as AES for most practical purposes.
The main limitation I see is that the current RSA.exportKey() uses
PEM-level encryption and the MD5-based EVP_BytesToKey function for key
derivation. Nowadays that is *really* weak.

I opened a pull request [1] with a proposal for adding PKCS#8, since
it is widely used and it makes it easier to have pluggable algorithms
(the default combination being PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC but
PBKDF2WithHMAC-SHA1AndAES128-CBC is available too). It took a few
iterations, but I am pretty happy with it.
On top of that I have also just added exportKey/importKey to DSA [2].

Feedback is welcome.

[1] https://github.com/dlitz/pycrypto/pull/32
[2] https://github.com/dlitz/pycrypto/pull/51

2013/6/28 Kurt Vogel <kvogel at mdcom.com>:
> Hello,
> Wondering if it would be worthwhile to add more encryption options to rsa
> exportKey() function rather than just DES3?  As the default for ssh-keygen
> -t rsa export is 128-bit AES.  And maybe allow plug-able hash algorithms
> such as PBKDF2, Bcrypt, etc.?
> Thanks,
> Kurt
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto

More information about the pycrypto mailing list