[PYTHON-CRYPTO] Near-term projects for pycrypto

Bram Cohen bram at GAWTH.COM
Tue Nov 20 04:23:29 CET 2001


On Tue, 20 Nov 2001, Paul Rubin wrote:

>     2) Is there any point in keeping the implementations of MD5 and SHA if
>     Python comes with them?
>
> If the pycrypto implementations are better (e.g., faster), then keep them.
> Otherwise drop them.

If they're faster, they can be substituted in with a later version of
Python.

> OTOH I'd like to propose supporting SHA in output feedback mode as a
> stream cipher.  The reason is that it can be implemented efficiently
> in pure Python using the built-in sha library.  My own crypto lib uses
> it for that reason.

sha1 has some weaknesses in that mode, although they may be theoretical.
It's also extremely slow - there's a fair amount of padding sha1 does on
the theory that most things hashed are quite large and a fixed amount of
padding is no big deal, and sha1 isn't all that fast to begin with. An
altogether more reasonable stream cipher is AES in counter mode, which is
what I'm using.

> Also, a Yarrow-like PRNG should be added.

Hear, hear! I have an entropy.entropy() function which takes a number and
returns a random string containing that number of bytes. Under unix it
initially seeds from /dev/random, but under Windows I had to completely
punt it with something very ugly and not terribly secure.

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes
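Added example (not code from the thread or from pycrypto): the two stream-cipher constructions discussed above, built on the built-in SHA-1 as the post proposes, so that the difference between feeding the hash output back (OFB) and hashing a counter (the structure of the AES-CTR mode Bram prefers) is concrete. It also includes an `entropy(n)` that reads the OS random source on both Unix and Windows. All function names, the key/IV sizes and the sample message are assumptions of this example.

```python
import hashlib
import os
from itertools import count

# Hypothetical names; this is an added example, not pycrypto's or the poster's code.
HASH = hashlib.sha1          # today's spelling of the built-in sha module the post mentions
BLOCK = HASH().digest_size   # 20 bytes of keystream per hash call


def ofb_keystream(key: bytes, iv: bytes):
    """Hash in output-feedback mode: state <- H(key || state), emit state.

    Every block depends on the previous one, so the stream must be produced
    in order, and the 160-bit state walks a cycle of the iterated function
    (on the order of 2**80 steps for a random map), which a counter avoids.
    """
    state = iv
    while True:
        state = HASH(key + state).digest()
        yield state


def ctr_block(key: bytes, nonce: bytes, i: int) -> bytes:
    """Counter construction with the hash as keyed function: H(key || nonce || i).
    Any block can be computed directly, so the stream is seekable and
    parallelisable, the property the post credits to AES in counter mode."""
    return HASH(key + nonce + i.to_bytes(8, "big")).digest()


def ctr_keystream(key: bytes, nonce: bytes):
    for i in count():
        yield ctr_block(key, nonce, i)


def xor_stream(data: bytes, keystream) -> bytes:
    """XOR data with as many keystream blocks as needed; the same call decrypts."""
    pad = bytearray()
    while len(pad) < len(data):
        pad.extend(next(keystream))
    return bytes(a ^ b for a, b in zip(data, pad))


def encrypt_ofb(key: bytes, iv: bytes, data: bytes) -> bytes:
    return xor_stream(data, ofb_keystream(key, iv))


def encrypt_ctr(key: bytes, nonce: bytes, data: bytes) -> bytes:
    return xor_stream(data, ctr_keystream(key, nonce))


def entropy(n: int) -> bytes:
    """Cross-platform stand-in for the post's entropy.entropy(n): os.urandom
    reads the operating system's CSPRNG on Unix and on Windows alike, so no
    separate Windows fallback is needed."""
    return os.urandom(n)


if __name__ == "__main__":
    key = entropy(16)
    iv = entropy(BLOCK)
    msg = b"The quick brown fox jumps over the lazy dog"   # constructed sample
    ct = encrypt_ofb(key, iv, msg)
    assert encrypt_ofb(key, iv, ct) == msg
    print(ct.hex())
```

The cost Bram describes is visible in `ofb_keystream`: the 40-byte input (key plus previous state) is padded to one full 64-byte SHA-1 block, so each 20 bytes of keystream costs a complete compression-function run, whereas a block cipher yields its 16 bytes for one much cheaper block operation. The IV or nonce must never be reused under the same key with either construction, since the keystream would then repeat.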