[pycrypto] Typo or bug?
dave.pawson at gmail.com
Tue Jun 26 07:59:29 EDT 2012
On 26 June 2012 12:31, Legrandin <gooksankoo at hoiptorrow.mailexpire.com> wrote:
> Choice of the IV is critical for security.
> For CFB, the combination IV and key must be use only with one message, and
> never occur again.
> That is explained here:
(I think I need more reading to select one!)
> IV needs indeed to be share by the party encrypting and by the party
> decrypting the message.
> Up to pycrypto 2.5, when no iv was provided to new() a string of zeroes was
> automatically used.
> Depending on your application, that may or may not be a problem. It is wiser
> to always make iv explicit.
Which explains why my 'old' code failed. Thanks.
Needing both key and iv... It sounds like asking for two keys to unlock a box?
Is that the idea?
XSLT XSL-FO FAQ.
More information about the pycrypto