1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [pycrypto] DES3 problem
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20DES3%20problem&In-Reply-To=%3CCAGfyce0oB2vFOj0p6U30RdZ2Xks9KyEjuNLyc_R_Q47f3mYQXg%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000740.html">
<LINK REL="Next" HREF="000742.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[pycrypto] DES3 problem</H1>
<B>Legrandin</B>
<A HREF="mailto:pycrypto%40lists.dlitz.net?Subject=Re%3A%20%5Bpycrypto%5D%20DES3%20problem&In-Reply-To=%3CCAGfyce0oB2vFOj0p6U30RdZ2Xks9KyEjuNLyc_R_Q47f3mYQXg%40mail.gmail.com%3E"
TITLE="[pycrypto] DES3 problem">helderijs at gmail.com
</A><BR>
<I>Fri Nov 29 12:16:47 PST 2013</I>
<P><UL>
<LI>Previous message: <A HREF="000740.html">[pycrypto] DES3 problem
</A></li>
<LI>Next message: <A HREF="000742.html">[pycrypto] DES3 problem
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#741">[ date ]</a>
<a href="thread.html#741">[ thread ]</a>
<a href="subject.html#741">[ subject ]</a>
<a href="author.html#741">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Hi,
Since a cipher object is stateful, it can be used for either
encryption or decryption but not both.
In order to simulate both ends of a communication, you need two cipher objects.
Your code should be:
>>><i> from Crypto.Cipher import DES3
</I>>>><i> from Crypto import Random
</I>>>><i> key = b'Sixteen byte key'
</I>>>><i> iv = Random.new().read(DES3.block_size)
</I>>>><i> cipher = DES3.new(key, DES3.MODE_OFB, iv)
</I>>>><i> plaintext = b'sona si latine loqueris '
</I>>>><i> msg = iv + cipher.encrypt(plaintext)
</I>>>><i>
</I>>>><i>
</I>>>><i>
</I>>>><i> iv = msg[:16]
</I>>>><i> cipher = DES3.new(key, DES3.MODE_OFB, iv)
</I>>>><i> p = cipher.decrypt(msg[16:])
</I>>>><i> print(p)
</I>
The only exception is the ECB mode. Being it stateless, it lets you
intermix encryption and decryption.
However, that mode should be avoided when possible because it's very
tricky to get right.
A nonce (sometimes called IV) is critical a value required by most
modes (ECB again being an exception).
It is typically required to be unique per each combination of
key/message. In some cases - like for CBC - it must also be
unpredictable to an adversary. The nonce/IV does not need to kept
secret but it needs to be delivered to the receiver somehow, otherwise
it wouldn't be able to perform decryption.
One common choice is to generate the nonce/IV randomly and prepend it
to the ciphertext (that is, the result of a call to .encrypt() ) but
nothing stops you from sending it afterwards.
2013/11/29 Dave Pawson <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">dave.pawson at gmail.com</A>>:
><i> On 29 November 2013 15:16, Legrandin <<A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">helderijs at gmail.com</A>> wrote:
</I>><i>
</I>>><i> The DES3 example you are looking for is actually here:
</I>>><i>
</I>>><i> <A HREF="https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.DES-module.html">https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.DES-module.html</A>
</I>><i>
</I>><i>
</I>><i> I can't get that working.
</I>><i>
</I>><i> Request please?
</I>><i> Assuming I'm not unusual in wanting to both encrypt and then decrypt.
</I>><i> It would be very helpful to show the decrypt after the encrypt?
</I>><i> the oddities I'm finding,
</I>><i> 1. Why is it sometimes (I don't know why) shown creating two ciphers,
</I>><i> one for encrypt, one for decrypt.
</I>><i> 2. The use of a nonce (as per above)
</I>><i> Is it normal to decrypt using
</I>><i>
</I>><i> ciphertext=iv + ciphere.encrypt(plaintext)
</I>><i> plain = cipherd.decrypt(ciphertext[16:])
</I>><i>
</I>><i> Using the example....
</I>><i>
</I>>>>><i> from Crypto.Cipher import DES3
</I>>>>><i> from Crypto import Random
</I>>>>><i> key = b'Sixteen byte key'
</I>>>>><i> iv = Random.new().read(DES3.block_size)
</I>>>>><i> cipher = DES3.new(key, DES3.MODE_OFB, iv)
</I>>>>><i> plaintext = b'sona si latine loqueris '
</I>>>>><i> msg = iv + cipher.encrypt(plaintext)
</I>>>>><i> p = cipher.decrypt(msg[16:])
</I>>>>><i> print(p)
</I>><i> b'\xc0/)~\xc1\xa4\xb0\xb3\x0c\x92y_\x9a\xaa\xe3\xa0'
</I>><i>
</I>><i> Any ideas please?
</I>><i>
</I>><i>
</I>><i> TiA
</I>><i>
</I>><i>
</I>><i>
</I>><i>
</I>><i>
</I>><i>
</I>><i> --
</I>><i> Dave Pawson
</I>><i> XSLT XSL-FO FAQ.
</I>><i> Docbook FAQ.
</I>><i> <A HREF="http://www.dpawson.co.uk">http://www.dpawson.co.uk</A>
</I>><i> _______________________________________________
</I>><i> pycrypto mailing list
</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">pycrypto at lists.dlitz.net</A>
</I>><i> <A HREF="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</A>
</I></PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000740.html">[pycrypto] DES3 problem
</A></li>
<LI>Next message: <A HREF="000742.html">[pycrypto] DES3 problem
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#741">[ date ]</a>
<a href="thread.html#741">[ thread ]</a>
<a href="subject.html#741">[ subject ]</a>
<a href="author.html#741">[ author ]</a>
</LI>
</UL>
<hr>
<a href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">More information about the pycrypto
mailing list</a><br>
</body></html>
|
