[PYTHON-CRYPTO] Doing modes in Python
Bram Cohen
bram at GAWTH.COM
Sat Apr 28 04:13:10 CEST 2001
On Fri, 27 Apr 2001, Andrew Archibald wrote:
> I would say, though, that the standard modes are just that: standard.
> ECB, CBC (without stealing), n-bit CFB, OFB and Counter mode are all
> pretty standard, and they cover enough of the bases to be worth
> implementing in C.
While I agree that having pure C versions of everything done eventually is
a good idea, it's very tricky to get right, for example -
How do you pad ECB? Do you reject strings of the wrong length? Do you pad
with all zeros? If so, what do you do about losing information about the
length of the file?
How do you pad CBC?
With counter mode, do you allow it to start at a counter other than 0? Do
you make it big- or little-ending, or allow either?
I don't know OFB and CFB very well, so I can't comment on them, but I
believe they're quite tricky as well.
There's also the matter of support stream-style CBC, so a whole file
doesn't have to be pulled into memory at once, but I don't think that's
required very often.
-Bram Cohen
"Markets can remain irrational longer than you can remain solvent"
-- John Maynard Keynes
More information about the python-crypto
mailing list