[PYTHON-CRYPTO] PEP 272

Bram Cohen bram at GAWTH.COM
Sat Mar 23 08:15:19 CET 2002


Paul Rubin wrote:

> I begin to wonder if this PEP is useful at all.  It basically
> specifies a fairly low level interface to a symmetric.  I just don't
> see the need to swap block ciphers in and out of applications.

I agree that it makes much more sense to just create an aes module, the
discussion of what its API should be still applies though.

>     >Add incremental encryption versions of all modes where it's applicable
>
> This doesn't seem really appropriate for a low level interface.
> Rather, the low level interface should ensure that incremental
> interface can be provided by a class that calls generic cipher
> objects, and then include an implementation of such a class in our
> module.

That would be a good design, if done right; I'm not sure how the
low-level stuff would work though, and it should definitely be nicely
wrapped in normal modes for people to call from their programs.

> I think the incremental encryption interface should look similar to
> the current interface for hash functions, e.g.:
>
>         e = encrypter.new(cipher)
>         for plaintext in getplaintext():
>            ciphertext = e.update(plaintext)
>            output_stream.write(ciphertext)
>         output_stream.write(e.final())

That's what I was thinking as well.

>     >Add support for multiple padding modes for CBC and others to which it
>     >might be applicable
>
> Don't add multiple padding modes for CBC without a good reason.
> Just pick a mode and specify it.

One could just support exact size roundoffs and make people do their own
padding with another call or two to ECB.

>     >Get rid of cross-mode API unification. This produces some awful
>     >kludges and I've never heard of anyone actually swapping out one
>     >mode for another. They're just too different.
>
> I'm not sure what this refers to.

Oh, a few things, like how counter mode should really take an integer to
specify its start value instead of a string, and how CBC might not accept
arbitrary byte boundaries - minor things, but getting all the modes to
look *exactly* the same takes a lot of uncomfortable shoehorning.

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes
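The update()/final() encrypter design sketched in the quoted message, as an added Python example that is not code from PEP 272 or from either poster: an incremental CBC wrapper over any object exposing `block_size` and `encrypt(block)`, with a constructed stand-in cipher so it runs offline. The class names, the stand-in cipher and the fixed PKCS#7 padding choice are assumptions made for this example.

```python
class ToyBlockCipher:
    """Constructed stand-in for a PEP 272 style ECB cipher object. NOT a real
    cipher: it only has the block_size / encrypt(block) shape the wrapper needs."""
    block_size = 16

    def __init__(self, key):
        self._key = key

    def encrypt(self, block):
        # Reversible byte-wise mixing, deterministic for a given key (demo only).
        return bytes(((b ^ k) + i) & 0xFF
                     for i, (b, k) in enumerate(zip(block, self._key)))


class IncrementalCBC:
    """Hash-object style CBC encrypter: feed plaintext with update(), flush
    the padded tail with final(). The mode logic only touches the generic
    cipher object, so any block cipher can be plugged in underneath."""

    def __init__(self, cipher, iv):
        if len(iv) != cipher.block_size:
            raise ValueError("IV must be exactly one block")
        self._cipher = cipher
        self._bs = cipher.block_size
        self._prev = iv      # chaining value; the IV must be fresh per message
        self._buf = b""      # bytes not yet forming a full block
        self._done = False

    def update(self, data):
        if self._done:
            raise ValueError("update() after final()")
        self._buf += data
        out = []
        while len(self._buf) >= self._bs:
            block, self._buf = self._buf[:self._bs], self._buf[self._bs:]
            self._prev = self._cipher.encrypt(
                bytes(x ^ y for x, y in zip(block, self._prev)))
            out.append(self._prev)
        return b"".join(out)

    def final(self):
        # PKCS#7 padding: 1..block_size bytes, each equal to the pad length, so a
        # message that is already a whole number of blocks gets a full pad block.
        pad = self._bs - len(self._buf)
        tail = self.update(bytes([pad]) * pad)
        self._done = True
        return tail
```

Feeding the same plaintext in any chunking yields the same ciphertext as one update() call, which is the property the hash-style interface is meant to give callers.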
