[PYTHON-CRYPTO] purpose of list

Bram Cohen bram at GAWTH.COM
Fri Dec 7 05:56:13 CET 2001


On Thu, 6 Dec 2001, Dan Stromberg wrote:

> I've placed a Diffie-Hellman module in pure python at
> ftp://autoinst.acs.uci.edu/pub/python/dh .

A few comments -

Are you aware that the built-in pow() function takes an optional third
argument which is the modulus? That seems to eliminate the need for your
powmod module.

The 'standard' moduli to use are listed here -

http://www.ietf.org/internet-drafts/draft-ietf-ipsec-ike-modp-groups-01.txt

The built-in whrandom and random modules aren't even vaguely
cryptographically secure; you should use a cryptographically
secure PRNG.

Your conversion.py is very inefficient. It can be made more efficient by
using some built-in modules in a somewhat hacky manner; here's the code
(copied from the BitTorrent source) -

# Written by Bram Cohen
# This file is public domain
# The authors disclaim all liability for any damages resulting from
# any use of this software.
#
# Python 2 code: str is a byte string, and hex() of a long ends in 'L'.

from binascii import b2a_hex, a2b_hex

def int_to_binary(numin, size):
    # Non-negative integer -> big-endian byte string of exactly `size` bytes,
    # left-padded with zero bytes. Relies on hex() and a2b_hex() doing the
    # base conversion in C instead of a per-digit Python loop.
    x = hex(numin)[2:]          # strip the leading '0x'
    if x[-1] == 'L':            # long integers print with a trailing 'L'
        x = x[:-1]
    if len(x) % 2 == 1:         # a2b_hex needs an even number of hex digits
        x = '0' + x
    x = a2b_hex(x)
    x = ('\000' * (size - len(x))) + x
    return x

def binary_to_int(s):
    # Big-endian byte string -> long, via its hex representation
    return long(b2a_hex(s), 16)

There's no need to set q to be some funny prime, if you use one of the
standard moduli 2 is perfectly acceptable.

Also, any wire protocol will necessarily have its own quirks, and the
particular API each one exposes varies widely, so the chances of someone
wanting to use your particular API for doing diffie-hellman are pretty
small.

If you'd like to see Diffie-Hellman in use in a complete application, I
suggest you check out my project, BitTorrent, which you can find here -

http://bitconjurer.org/BitTorrent/

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes
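The points raised above (three-argument pow() for modular exponentiation, a cryptographically secure random source, fixed-width integer/byte conversion, and generator 2 over a safe prime so no separate q is needed) put together in a Python 3 sketch of the exchange. This is an added example, not code from Bram's message or from BitTorrent; the peer-value validation, the helper names and the toy prime TOY_P are my additions, and a real deployment takes p from one of the MODP groups in the draft linked above.

```python
import secrets

def int_to_binary(numin, size):
    # Python 3 counterpart of the posted helper: fixed-width big-endian
    # bytes, left-padded with zero bytes, as the hex/a2b_hex version did.
    return numin.to_bytes(size, "big")

def binary_to_int(s):
    return int.from_bytes(s, "big")

def is_valid_public_value(y, p):
    # Reject 0, 1 and p-1 (they pin the shared secret to a known value) and
    # anything outside (1, p-1).  With a safe prime p = 2q+1 and generator 2
    # the public value must also lie in the order-q subgroup: y**q == 1 (mod p).
    if not 1 < y < p - 1:
        return False
    q = (p - 1) // 2
    return pow(y, q, p) == 1

def dh_keypair(p, g=2):
    q = (p - 1) // 2
    # secrets draws from the OS CSPRNG; random/whrandom are not suitable here.
    x = secrets.randbelow(q - 2) + 2          # private exponent in [2, q-1]
    return x, pow(g, x, p)                    # built-in 3-argument pow()

def dh_shared_secret(x, peer_public, p):
    if not is_valid_public_value(peer_public, p):
        raise ValueError("rejecting invalid peer public value")
    size = (p.bit_length() + 7) // 8
    return int_to_binary(pow(peer_public, x, p), size)

# Toy safe prime constructed for this demo (p = 2*1439 + 1, p % 8 == 7, so 2
# generates the order-q subgroup just as in the IETF MODP groups).  It is far
# too small for real use; substitute a standard modulus from the draft.
TOY_P = 2879

def demo():
    a_priv, a_pub = dh_keypair(TOY_P)
    b_priv, b_pub = dh_keypair(TOY_P)
    k_a = dh_shared_secret(a_priv, b_pub, TOY_P)
    k_b = dh_shared_secret(b_priv, a_pub, TOY_P)
    return k_a == k_b

if __name__ == "__main__":
    print("shared secrets agree:", demo())
```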





More information about the python-crypto mailing list