[pycrypto] Typo or bug?

Legrandin gooksankoo at hoiptorrow.mailexpire.com
Tue Jun 26 07:31:15 EDT 2012

> I think I have it working....
>  myiv = "some Random string"   # which is 16 bytes long....
>  encobj = AES.new(secret, AES.MODE_CFB, myiv)
> Would someone help me understand what is happening here please?
> I'm guessing on both encode and decode the 'myiv' string should be
> identical...
> but I'm unsure?
> https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.AES-module.html#new
> shows it in use, but with no explanation?
Choice of the IV is critical for security.
For CFB, the combination IV and key must be use only with one message, and
never occur again.
That is explained here:


IV needs indeed to be share by the party encrypting and by the party
decrypting the message.

Up to pycrypto 2.5, when no iv was provided to new() a string of zeroes was
automatically used.
Depending on your application, that may or may not be a problem. It is
wiser to always make iv explicit.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20120626/e1bf90e4/attachment.html>

More information about the pycrypto mailing list