block ciphers

Discussion in 'Python' started by Trevor Perrin, Apr 20, 2004.

  1. (I know this has come up before, but the previous discussions I could
    find seemed inconclusive, so I hope people don't mind...)


    Q: How about adding block ciphers to Python 2.4?

    PEP 272 defines an API, and there's an excellent library that implements
    it [1]. It would be very little work to copy the AES and DES3 modules
    into stdlib (perhaps in a 'ciphers' package).

    As far as legal issues, US Export is no problem - you just email in a
    notice [2]. A few countries have import issues, though I believe
    they're widely disregarded (the windows installer comes with SSL; has
    anyone complained?). Furthermore, it would be easy to provide a
    no-crypto distribution.

    It's hard to distribute pure-python crypto software without this. You
    have to include or reference 3rd-party extension modules, which some
    users won't want to install, some will have trouble installing (like
    Windows users without a compiler), and some won't be able to install
    (Jython or IronPython users, for example).

    So is this totally out of the question? Or would it be worth pursuing,
    through a PEP, or patch, or discussion on python-dev?


    Trevor


    [1] http://www.amk.ca/python/code/crypto.html
    [2] http://www.bxa.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html
     
    Trevor Perrin, Apr 20, 2004
    #1
    1. Advertising

  2. Trevor Perrin

    Paul Rubin Guest

    Trevor Perrin <> writes:
    > Q: How about adding block ciphers to Python 2.4?
    >
    > PEP 272 defines an API, and there's an excellent library that
    > implements it [1]. It would be very little work to copy the AES and
    > DES3 modules into stdlib (perhaps in a 'ciphers' package).


    PEP 272 has an API for both block and stream ciphers, and the block
    cipher API is kind of cumbersome. I did some work a while back on
    defining a new block cipher API and posted some about it back then.
    I've been meaning to get that code out of mothballs and propose a new
    PEP. A sample implementation is at

    http://www.nightsong.com/phr/crypto/blockcipher.tgz

    but there are some things about it that I want to change. I recently
    used it to write a pure-Python script that decrypts PGP files, if
    that's of any interest too.

    > So is this totally out of the question? Or would it be worth
    > pursuing, through a PEP, or patch, or discussion on python-dev?


    I'm not sure exactly what you're asking.
     
    Paul Rubin, Apr 20, 2004
    #2
    1. Advertising

  3. Paul Rubin wrote:
    > [...]
    > PEP 272 has an API for both block and stream ciphers, and the block
    > cipher API is kind of cumbersome.


    In what way? It seems to me quite simple:

    >>> from Crypto.Cipher import AES
    >>>
    >>> context = AES.new(key, AES.MODE_CBC, iv)
    >>> ciphertext = context.encrypt(plaintext)

    >>
    >>> context = AES.new(key, AES.MODE_CBC, iv)
    >>> plaintext = context.decrypt(ciphertext)


    A couple of the keyword arguments could be changed ('rounds', and
    'counter'), and the IV should probably be writeable as well as readable
    (which is how PyCrypto, which implements this PEP, actually works).

    Other than that, I've been using this API (and wrapping a few other
    cipher libraries with it), and I find it about as close to transparent
    and painless as you can get!


    > I did some work a while back on
    > defining a new block cipher API and posted some about it back then.
    > I've been meaning to get that code out of mothballs and propose a new
    > PEP. A sample implementation is at
    >
    > http://www.nightsong.com/phr/crypto/blockcipher.tgz


    I'd be happy with that too, but it seems a smidgen less simple, at least
    for the user:

    >>> from blockcipher import CBC
    >>> import AES
    >>>
    >>> context = CBC(AES.ecb(key), 'e', iv)
    >>> ciphertext = context.update(plaintext)



    More importantly though, PEP 272 is already implemented (in PyCrypto),
    and it's been in use awhile so people (like me) have code built around
    it, and experience with it.

    Again, I'd be happy with either, but PEP 272 / PyCrypto seems the
    leading horse in this race.


    [Trevor]
    >>So is this totally out of the question? Or would it be worth
    >>pursuing, through a PEP, or patch, or discussion on python-dev?

    >
    >
    > I'm not sure exactly what you're asking.


    Me neither, exactly... ;-) I'm just trying to gauge the interest or
    resistance to this, and see if there's any way I could help.


    Trevor
     
    Trevor Perrin, Apr 20, 2004
    #3
  4. Trevor Perrin

    Nick Efford Guest

    On Tue, 20 Apr 2004 02:41:58 +0000, Trevor Perrin wrote:

    > Me neither, exactly... ;-) I'm just trying to gauge the interest or
    > resistance to this, and see if there's any way I could help.


    I would definitely like to see better crypto in the standard library.


    N.
     
    Nick Efford, Apr 20, 2004
    #4
  5. Trevor Perrin

    Ed Suominen Guest

    Nick Efford wrote:

    > On Tue, 20 Apr 2004 02:41:58 +0000, Trevor Perrin wrote:
    >
    >> Me neither, exactly... ;-) I'm just trying to gauge the interest or
    >> resistance to this, and see if there's any way I could help.

    >
    > I would definitely like to see better crypto in the standard library.
    >
    >
    > N.


    Agreed. See http://privaria.org for an example of what I might do with it.
     
    Ed Suominen, Apr 20, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Luc The Perverse

    Java Source For Asymmetric Key Ciphers

    Luc The Perverse, Jan 16, 2006, in forum: Java
    Replies:
    54
    Views:
    2,086
    WhatIThink
    Feb 8, 2011
  2. mattpryor
    Replies:
    0
    Views:
    1,538
    mattpryor
    Apr 28, 2006
  3. Stone
    Replies:
    6
    Views:
    2,140
    Roedy Green
    Jun 19, 2011
  4. Jamis Buck

    openssl ciphers

    Jamis Buck, Apr 13, 2004, in forum: Ruby
    Replies:
    6
    Views:
    262
    Vance Heron
    Apr 16, 2004
  5. Terry

    openssl ciphers - revisited

    Terry, May 28, 2004, in forum: Ruby
    Replies:
    2
    Views:
    613
    GOTOU Yuuzou
    May 30, 2004
Loading...

Share This Page