Paul Rubin <http> wrote: > An AES or DES addition to an existing module that implements just one > call: > ECB(key, data, direction) > would be a huge improvement over what we have now. A more complete > crypto module would have some additional operations, but ECB is the > only one that's really essential.
I would hate to see a module which only implemented ECB. Sure its the only operation necessary to build the others out of, but its the least secure mode of any block cipher. If you don't offer users a choice, then they'll use ECB and just that along with all its pitfalls, meanwhile thinking that they are secure because they are using AES/DES... For those people following along at home (I'm sure everyone who has contributed to thread knows this already) I tried to find a simple link to why ECB is bad, this PDF is the best I could come up with, via Google's Cache. http://www.google.com/search?q=cache:U5-RsbkSs0MJ:www.cs.chalmers.se/Cs/Grundutb/Kurser/krypto/lect04_4.pdf -- Nick Craig-Wood <[EMAIL PROTECTED]> -- http://www.craig-wood.com/nick -- http://mail.python.org/mailman/listinfo/python-list
