What's so funny? WAS Re: rotor replacement
Paul Rubin
http
Sat Jan 29 21:37:25 EST 2005
Nick Craig-Wood <nick at craig-wood.com> writes:
> I would hate to see a module which only implemented ECB. Sure its the
> only operation necessary to build the others out of, but its the least
> secure mode of any block cipher.
It's intended as a building block for other modes. Most applications
shouldn't use it directly.
> If you don't offer users a choice, then they'll use ECB and just that
> along with all its pitfalls, meanwhile thinking that they are secure
> because they are using AES/DES...
The documentation has to be written somewhat forcefully to tell users
what not to do. I can help with that. I've had to do that a lot,
supporting crypto packages in projects where the other programmers
haven't used crypto very much.
More information about the Python-list
mailing list