Encrypting much data with AES and M2Crypto
Jason Smith
jason_nospam at oes.co.th
Sat May 31 08:19:35 EDT 2003
Hi. I am working on a small open source backup tool. It is based on
Knoppix, and it uses Python to make full hard drive backups over Samba or
NFS. Everything works, except the encryption. Basically, the software
will upload an AES-encrypted HDD image.
Firstly, I have been working under the assumption that M2Crypto is the
de-facto Python cryptography toolkit. Is this true? At any rate, I'm
using an M2Crypto.BIO.CipherStream object as in the package's
demo/bio_ciph_test.py usage.
The problem is, the algorithm seems to be more useful for encrypting small
amounts of data in memory, as it is adding up to an additional block of
ciphertext to the output. (That's because a block algorithm like AES must
have its input in block-sized chunks. To handle smaller chunks, usually
you pad the last input block, then you write down how many bits to throw
away in the last byte of the input.)
But, since I will be feeding the CipherStream many gigabytes, I need to
prevent this behavior, until of course I encrypt the last part of the hard
drive image.
(Also, when decrypting, M2Crypto only seems to be outputting 4096 bytes, but
the above bug is more of a show-stopper.)
Thanks for any feedback with this issue.
--
Jason Smith
Open Enterprise Systems
Bangkok, Thailand
More information about the Python-list
mailing list