How to create a strong one-time session key for AES in python

Question

How to create a strong one-time session key for AES in python

I use M2Crypto AES to encrypt the message, but they are confused about how to create a strong random session key and how long. M2Crypto provides any function for generating a random key.

+5

python m2crypto

user553947 Feb 15 '11 at 7:35

source share

3 answers

M2Crypto .

:

import os
from M2Crypto import EVP

k = EVP.Cipher(alg='aes_128_cbc', key=os.urandom(16), iv=os.urandom(16), op=enc)

+3

user7305 15 . '11 10:38

If you are encrypting to send to the other side, then you want to do something like Diffie Hellman or ECDH key exchange to establish a shared secret. If you just want to encrypt for storage, you need a secure random number generator. I do not believe M2Crypto provides this?

It looks like M2Crypto supports Diffie Hellman.

0

James Feb 15 '11 at 9:50

source share

Dmitry Dvoinikov · Accepted Answer · 2011-02-15T08:55:29+0000

AES- 128 has 128 key bits = 16 bytes.

random_key = os.urandom(16)

should be sufficient for most applications. When you submit this random value to M2 (or any other cryptographic library), it is internally converted to the "key schedule" actually used for encryption.

How to create a strong one-time session key for AES in python

More articles: