diff options
Diffstat (limited to 'pipermail/pycrypto/2013q4/000741.html')
-rw-r--r-- | pipermail/pycrypto/2013q4/000741.html | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/pipermail/pycrypto/2013q4/000741.html b/pipermail/pycrypto/2013q4/000741.html new file mode 100644 index 0000000..8be514b --- /dev/null +++ b/pipermail/pycrypto/2013q4/000741.html @@ -0,0 +1,154 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> +<HTML> + <HEAD> + <TITLE> [pycrypto] DES3 problem + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20DES3%20problem&In-Reply-To=%3CCAGfyce0oB2vFOj0p6U30RdZ2Xks9KyEjuNLyc_R_Q47f3mYQXg%40mail.gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <style type="text/css"> + pre { + white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */ + } + </style> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="000740.html"> + <LINK REL="Next" HREF="000742.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[pycrypto] DES3 problem</H1> + <B>Legrandin</B> + <A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20DES3%20problem&In-Reply-To=%3CCAGfyce0oB2vFOj0p6U30RdZ2Xks9KyEjuNLyc_R_Q47f3mYQXg%40mail.gmail.com%3E" + TITLE="[pycrypto] DES3 problem">helderijs at gmail.com + </A><BR> + <I>Fri Nov 29 12:16:47 PST 2013</I> + <P><UL> + <LI>Previous message: <A HREF="000740.html">[pycrypto] DES3 problem +</A></li> + <LI>Next message: <A HREF="000742.html">[pycrypto] DES3 problem +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#741">[ date ]</a> + <a href="thread.html#741">[ thread ]</a> + <a href="subject.html#741">[ subject ]</a> + <a href="author.html#741">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Hi, + +Since a cipher object is stateful, it can be used for either +encryption or decryption but not both. +In order to simulate both ends of a communication, you need two cipher objects. +Your code should be: + +>>><i> from Crypto.Cipher import DES3 +</I>>>><i> from Crypto import Random +</I>>>><i> key = b'Sixteen byte key' +</I>>>><i> iv = Random.new().read(DES3.block_size) +</I>>>><i> cipher = DES3.new(key, DES3.MODE_OFB, iv) +</I>>>><i> plaintext = b'sona si latine loqueris ' +</I>>>><i> msg = iv + cipher.encrypt(plaintext) +</I>>>><i> +</I>>>><i> +</I>>>><i> +</I>>>><i> iv = msg[:16] +</I>>>><i> cipher = DES3.new(key, DES3.MODE_OFB, iv) +</I>>>><i> p = cipher.decrypt(msg[16:]) +</I>>>><i> print(p) +</I> +The only exception is the ECB mode. Being it stateless, it lets you +intermix encryption and decryption. +However, that mode should be avoided when possible because it's very +tricky to get right. + +A nonce (sometimes called IV) is critical a value required by most +modes (ECB again being an exception). +It is typically required to be unique per each combination of +key/message. In some cases - like for CBC - it must also be +unpredictable to an adversary. The nonce/IV does not need to kept +secret but it needs to be delivered to the receiver somehow, otherwise +it wouldn't be able to perform decryption. +One common choice is to generate the nonce/IV randomly and prepend it +to the ciphertext (that is, the result of a call to .encrypt() ) but +nothing stops you from sending it afterwards. + + +2013/11/29 Dave Pawson <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">dave.pawson at gmail.com</A>>: +><i> On 29 November 2013 15:16, Legrandin <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">helderijs at gmail.com</A>> wrote: +</I>><i> +</I>>><i> The DES3 example you are looking for is actually here: +</I>>><i> +</I>>><i> <A HREF="https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.DES-module.html">https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.DES-module.html</A> +</I>><i> +</I>><i> +</I>><i> I can't get that working. +</I>><i> +</I>><i> Request please? +</I>><i> Assuming I'm not unusual in wanting to both encrypt and then decrypt. +</I>><i> It would be very helpful to show the decrypt after the encrypt? +</I>><i> the oddities I'm finding, +</I>><i> 1. Why is it sometimes (I don't know why) shown creating two ciphers, +</I>><i> one for encrypt, one for decrypt. +</I>><i> 2. The use of a nonce (as per above) +</I>><i> Is it normal to decrypt using +</I>><i> +</I>><i> ciphertext=iv + ciphere.encrypt(plaintext) +</I>><i> plain = cipherd.decrypt(ciphertext[16:]) +</I>><i> +</I>><i> Using the example.... +</I>><i> +</I>>>>><i> from Crypto.Cipher import DES3 +</I>>>>><i> from Crypto import Random +</I>>>>><i> key = b'Sixteen byte key' +</I>>>>><i> iv = Random.new().read(DES3.block_size) +</I>>>>><i> cipher = DES3.new(key, DES3.MODE_OFB, iv) +</I>>>>><i> plaintext = b'sona si latine loqueris ' +</I>>>>><i> msg = iv + cipher.encrypt(plaintext) +</I>>>>><i> p = cipher.decrypt(msg[16:]) +</I>>>>><i> print(p) +</I>><i> b'\xc0/)~\xc1\xa4\xb0\xb3\x0c\x92y_\x9a\xaa\xe3\xa0' +</I>><i> +</I>><i> Any ideas please? +</I>><i> +</I>><i> +</I>><i> TiA +</I>><i> +</I>><i> +</I>><i> +</I>><i> +</I>><i> +</I>><i> +</I>><i> -- +</I>><i> Dave Pawson +</I>><i> XSLT XSL-FO FAQ. +</I>><i> Docbook FAQ. +</I>><i> <A HREF="http://www.dpawson.co.uk">http://www.dpawson.co.uk</A> +</I>><i> _______________________________________________ +</I>><i> pycrypto mailing list +</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">pycrypto at lists.dlitz.net</A> +</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</A> +</I></PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="000740.html">[pycrypto] DES3 problem +</A></li> + <LI>Next message: <A HREF="000742.html">[pycrypto] DES3 problem +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#741">[ date ]</a> + <a href="thread.html#741">[ thread ]</a> + <a href="subject.html#741">[ subject ]</a> + <a href="author.html#741">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto +mailing list</a><br> +</body></html> |