[PYTHON-CRYPTO] To OFB or not to OFB ? -> was RE: Re: some issues regarding OFB and CFB mode

[Paul Lambert]

Eric,

Thanks for the reply ... 

>Because it IS a library. 
>A useful library would not artificially limit what I can do.

Perhaps ... however some limitations can prevent the less clueful from implementing a bad system design.  Limitations also prevent feature bloat and reduce code size.

>For example, what happens if I need to interoperate with a system that 
>uses a "badcipher" ? 

Just say no :-)

Off hand, I can not think of any 'useful' Internet protocols that use OFB or CFB.  There are some ANSI banking standards that MAY use these modes. If there were clear usage of these modes, they should obviously be implemented in a library.


So ... I've implemented a 'pure' Python Rijndael/AES implementation.  It supports ECB, CBC and CCM, but not OFB or CFB.  These would be fairly easy to add, so I am curious to find what modes are really needed, versus just adding more acronyms to the list of supported modes.

On this code ... I'll post a pointer to the latest version after I get my BXA approval.  An early version leaked out at http://www.hifn.com/support/ccm.htm (note version 3.0 will have license updated to be 'open source'). The leaked version (not posted by me, please BXA don't come after me :-) was written for CCM interoperability testing.

I don't plan to add OFB or CFB until I find a 'use' for these modes. 

Paul

-----Original Message-----
From: Eric Johnson [mailto:Eric.Johnson at GDAI.COM]
Sent: Monday, December 02, 2002 1:21 PM
To: PYTHON-CRYPTO at NIC.SURFNET.NL
Subject: Re: some issues regarding OFB and CFB mode



> Bad ciphers and modes should not be included in a crypto library without adequate justification.
>
>Just an opinion ... 

Because it IS a library. 
A useful library would not artificially limit what I can do. 

For example, what happens if I need to interoperate with a system that uses a "bad cipher" ? 

Eric