FAQ
I've just started working with the Crypto library and I've already run
into a wall even though I'm following a tutorial. Basically, I'm trying
to encrypt a string using AES in CBC mode. Here is the code:


from Crypto import AES
import hashlib


text_to_encrypt = 'This is a super secret encrypted message, yo!'
key = '0123456789abcdef'
mode = AES.MODE_CBC
encryptor = AES.new(key, mode)


ciphertext = encryptor.encrypt(text)


When I run the code above, I am told that the IV must be 16 bytes long.
I'm assuming that the IV (I know that means "Initialization Vector") is
either the key OR something else I can set. But I don't know how or what
to do.


Does anyone see what is wrong with the code above and could suggest ways
to make it work? I've spent the last 45 minutes googling around and
nothing comes up specific to my problem.


Thanks,
Anthony

Search Discussions

  • Skip Montanaro at Aug 18, 2013 at 10:29 pm

    When I run the code above, I am told that the IV must be 16 bytes long.
    I'm assuming that the IV (I know that means "Initialization Vector") is
    either the key OR something else I can set. But I don't know how or what
    to do.

    Does this Stack Overflow thread help? It looks to me like you aren't
    defining an initialization vector at all.


    http://stackoverflow.com/questions/14716338/pycrypto-how-does-the-initialization-vector-work


    Skip
  • Anthony Papillion at Aug 19, 2013 at 12:32 pm

    On 08/18/2013 05:29 PM, Skip Montanaro wrote:
    When I run the code above, I am told that the IV must be 16 bytes long.
    I'm assuming that the IV (I know that means "Initialization Vector") is
    either the key OR something else I can set. But I don't know how or what
    to do.
    Does this Stack Overflow thread help? It looks to me like you aren't
    defining an initialization vector at all.

    http://stackoverflow.com/questions/14716338/pycrypto-how-does-the-initialization-vector-work

    Completely missed that Stack Overflow discussion. Thanks, Skip! That
    does help!


    Anthony
  • Roy Smith at Aug 18, 2013 at 10:52 pm
    In article <mailman.6.1376863028.19984.python-list@python.org>,
      Anthony Papillion wrote:

    I've just started working with the Crypto library and I've already run
    into a wall even though I'm following a tutorial. Basically, I'm trying
    to encrypt a string using AES in CBC mode. Here is the code:

    from Crypto import AES

    You don't say exactly what module you're using. I'm assuming
    https://www.dlitz.net/software/pycrypto/api/current/, yes?

    import hashlib

    text_to_encrypt = 'This is a super secret encrypted message, yo!'
    key = '0123456789abcdef'
    mode = AES.MODE_CBC
    encryptor = AES.new(key, mode)

    ciphertext = encryptor.encrypt(text)

    There's a good explanation of CBC in Wikipedia:


    http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher-block_
    chaining_.28CBC.29


    In a nutshell, AES-CBC works is to break the input up into 16-byte
    blocks. Each 16-byte block of input plaintext is encrypted to yield a
    16-byte block of ciphertext. This 16-byte ciphertext block is also fed
    forward into the encryption step for the next block.


    The IV is just the feed-forward block used for the first step. So, it
    has to be the same size as the cipher block (i.e. 16 bytes).


    AES can have different length keys (128, 192, or 256 bits), but the size
    of the cipher block is always 256 bits. This can get confusing because
    most people just use a 256 bit key and incorrectly assume that the key
    size and block size are somehow related. They're not. When you say:

    When I run the code above, I am told that the IV must be 16 bytes long.
    I'm assuming that the IV (I know that means "Initialization Vector") is
    either the key OR something else I can set.

    you're making that mistake. The key can't (in general) be used as the
    IV. In this particular case, you happen to have picked a key length
    which is the same as the block length, but that's just coincidence.


    What you need to do is pick a 16 byte (256 bit) IV.

    Does anyone see what is wrong with the code above and could suggest
    ways to make it work? I've spent the last 45 minutes googling around
    and nothing comes up specific to my problem.

    45 minutes is nothing when trying to understand crypto :-)


    I've never used this particular module, but from the docs, I think what
    you want to do is:


    iv = "SpamSpamSpamSpam"
    encryptor = AES.new(key, mode, iv)


    Keep in mind that the receiver will need the iv to decrypt your message.
  • Anthony Papillion at Aug 19, 2013 at 12:35 pm

    On 08/18/2013 05:52 PM, Roy Smith wrote:
    In article <mailman.6.1376863028.19984.python-list@python.org>,
    Anthony Papillion wrote:
    I've just started working with the Crypto library and I've already run
    into a wall even though I'm following a tutorial. Basically, I'm trying
    to encrypt a string using AES in CBC mode. Here is the code:

    from Crypto import AES
    You don't say exactly what module you're using. I'm assuming
    https://www.dlitz.net/software/pycrypto/api/current/, yes?

    <snip>


    Thank you, Roy, this was very helpful. You're right, I was confusing key
    size with the IV and I was tying the two together in an inappropriate
    (wrong) way.


    Thanks again!
    Anthony

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppython-list @
categoriespython
postedAug 18, '13 at 9:56p
activeAug 19, '13 at 12:35p
posts5
users3
websitepython.org

People

Translate

site design / logo © 2021 Grokbase