[pycrypto] DES3 problem

Legrandin helderijs at gmail.com
Fri Nov 29 12:16:47 PST 2013


Hi,

Since a cipher object is stateful, it can be used for either
encryption or decryption but not both.
In order to simulate both ends of a communication, you need two cipher objects.
Your code should be:

>>> from Crypto.Cipher import DES3
>>> from Crypto import Random
>>> key = b'Sixteen byte key'
>>> iv = Random.new().read(DES3.block_size)
>>> cipher = DES3.new(key, DES3.MODE_OFB, iv)
>>> plaintext = b'sona si latine loqueris '
>>> msg = iv + cipher.encrypt(plaintext)
>>>
>>>
>>>
>>> iv = msg[:16]
>>> cipher = DES3.new(key, DES3.MODE_OFB, iv)
>>> p = cipher.decrypt(msg[16:])
>>> print(p)

The only exception is the ECB mode. Being it stateless, it lets you
intermix encryption and decryption.
However, that mode should be avoided when possible because it's very
tricky to get right.

A nonce (sometimes called IV) is critical a value required by most
modes (ECB again being an exception).
It is typically required to be unique per each combination of
key/message. In some cases - like for CBC - it must also be
unpredictable to an adversary. The nonce/IV does not need to kept
secret but it needs to be delivered to the receiver somehow, otherwise
it wouldn't be able to perform decryption.
One common choice is to generate the nonce/IV randomly and prepend it
to the ciphertext (that is, the result of a call to .encrypt() ) but
nothing stops you from sending it afterwards.


2013/11/29 Dave Pawson <dave.pawson at gmail.com>:
> On 29 November 2013 15:16, Legrandin <helderijs at gmail.com> wrote:
>
>> The DES3 example you are looking for is actually here:
>>
>> https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.DES-module.html
>
>
> I can't get that working.
>
> Request please?
> Assuming I'm not unusual in wanting to both encrypt and then decrypt.
> It would be very helpful to show the decrypt after the encrypt?
> the oddities I'm finding,
> 1. Why is it sometimes (I don't know why) shown creating two ciphers,
> one for encrypt, one for decrypt.
> 2. The use of a nonce (as per above)
> Is it normal to decrypt using
>
> ciphertext=iv + ciphere.encrypt(plaintext)
> plain = cipherd.decrypt(ciphertext[16:])
>
> Using the example....
>
>>>> from Crypto.Cipher import DES3
>>>> from Crypto import Random
>>>> key = b'Sixteen byte key'
>>>> iv = Random.new().read(DES3.block_size)
>>>> cipher = DES3.new(key, DES3.MODE_OFB, iv)
>>>> plaintext = b'sona si latine loqueris '
>>>> msg = iv + cipher.encrypt(plaintext)
>>>> p = cipher.decrypt(msg[16:])
>>>> print(p)
> b'\xc0/)~\xc1\xa4\xb0\xb3\x0c\x92y_\x9a\xaa\xe3\xa0'
>
> Any ideas please?
>
>
> TiA
>
>
>
>
>
>
> --
> Dave Pawson
> XSLT XSL-FO FAQ.
> Docbook FAQ.
> http://www.dpawson.co.uk
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto


More information about the pycrypto mailing list