[Python-Dev] AES cipher implementation in standard library (original) (raw)
大野隆弘 oono0114 at gmail.com
Wed Sep 5 10:25:39 EDT 2018
- Previous message (by thread): [Python-Dev] AES cipher implementation in standard library
- Next message (by thread): [Python-Dev] AES decryption/encryption support for zipfile
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Sorry, allow me to ask one more thing. If I want to use AES in zipfile module, what the good way to implement?
Thanks and Regards,
Takahiro Ono
2018年9月5日(水) 23:01 大野隆弘 <oono0114 at gmail.com>:
Christian, really appreciated the details. I understood.
Is wrapper library like ssl module with openssl on platform also not good idea? My intention is not re-invention but single standard way as standard library. If I can read past discussion somewhere, it's also appreciated Thanks and Regards, Takahiro Ono
2018年9月5日(水) 1:48 Christian Heimes <christian at python.org>: On 2018-09-04 16:37, 大野隆弘 wrote: > Dear all, > > Have we tried cipher implementation includes AES as a standard library > in the past? > https://docs.python.org/3.6/library/crypto.html > > if possible I want to try to implement AES because famous 3rd party > library is not maintained and general cipher programs should be used for > multiple purpose.Though the implementation is tough, I believe this > should be worth to it. > In my case, I want to use AES implementation for zipfile module. strong -1 The Python standard library doesn't contain any encryption, signing, and other cryptographic algorithms for multiple reasons. The only exception from the rule are hashing algorithms and HMAC construct. There are legal implications like export restrictions. Crypto is just too hard to get right and we don't want to give the user additional rope. We already had a very lengthy and exhausting discussion for the secrets module. That module just provides a user-friendly interface to CPRNG. By the way, AES by itself is a useless to borderline dangerous algorithm. It must be embedded within additional layers like block mode, authenticated encryption / MAC, and more. There isn't a single correct answer for block mode and AD algorithm, too. It highly depends on the problem space. While GCM AEAD mode is good choice for network communication, it can be a pretty bad idea for persistent storage. There is one excellent Python library with high level and low level cryptographic algorithms: http://cryptography.readthedocs.io/ . It's t Regards, Christian -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20180905/173d3887/attachment.html>
- Previous message (by thread): [Python-Dev] AES cipher implementation in standard library
- Next message (by thread): [Python-Dev] AES decryption/encryption support for zipfile
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]