[Python-Dev] AES cipher implementation in standard library

大野隆弘 oono0114 at gmail.com
Wed Sep 5 10:25:39 EDT 2018 

Sorry, allow me to ask one more thing.
If I want to use AES in zipfile module, what the good way to implement?

Thanks and Regards,
-----------------
Takahiro Ono

2018年9月5日(水) 23:01 大野隆弘 <oono0114 at gmail.com>:

> Christian,  really appreciated the details. I understood.
>
> Is wrapper library like ssl module with openssl on platform also not good
> idea?
> My intention is not re-invention but single standard way as standard
> library.
>
> If I can read past discussion somewhere, it's also appreciated
>
> Thanks and Regards,
> Takahiro Ono
>
>
>
>
> 2018年9月5日(水) 1:48 Christian Heimes <christian at python.org>:
>
>> On 2018-09-04 16:37, 大野隆弘 wrote:
>> > Dear all,
>> >
>> > Have we tried cipher implementation includes AES as a standard library
>> > in the past?
>> > https://docs.python.org/3.6/library/crypto.html
>> >
>> > if possible I want to try to implement AES because famous 3rd party
>> > library is not maintained and general cipher programs should be used for
>> > multiple purpose.Though the implementation is tough,  I believe this
>> > should be worth to it.
>> > In my case, I want to use AES implementation for zipfile module.
>>
>> strong -1
>>
>> The Python standard library doesn't contain any encryption, signing, and
>> other cryptographic algorithms for multiple reasons. The only exception
>> from the rule are hashing algorithms and HMAC construct. There are legal
>> implications like export restrictions. Crypto is just too hard to get
>> right and we don't want to give the user additional rope. We already had
>> a very lengthy and exhausting discussion for the secrets module. That
>> module just provides a user-friendly interface to CPRNG.
>>
>> By the way, AES by itself is a useless to borderline dangerous
>> algorithm. It must be embedded within additional layers like block mode,
>> authenticated encryption / MAC, and more. There isn't a single correct
>> answer for block mode and AD algorithm, too. It highly depends on the
>> problem space. While GCM AEAD mode is good choice for network
>> communication, it can be a pretty bad idea for persistent storage.
>>
>> There is one excellent Python library with high level and low level
>> cryptographic algorithms: http://cryptography.readthedocs.io/ . It's t
>>
>> Regards,
>> Christian
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20180905/173d3887/attachment.html>

More information about the Python-Dev mailing list