Geek Answers Handbook

Python: how to add RSA add-on?

I reviewed most python cryptographic libraries, I decided to use either PyCrypto or M2Crypto.
I dropped ezPyCrypto because it only supports MD5 for signature and Keyczar because it is not mature enough.

So, I read that RSA is vulnerable to several attacks if the encrypted text (or hash signature) is incorrectly filled out. What does it mean?
Neither PyCrypto nor M2Crypto say anything about this, and Google did not find anything suitable. Do these libraries automatically add paddign? How can I say?

If the answer to the above is missing, then what is considered the right complement?

+4
source share
5 answers

PyCrypto does not add the specified add-on.
M2Crypto does instead.

M2Crypto is built on top of openSSL, it basically supports everything you need, it is still supported and updated, and PyCrypto gives several warnings about the failure.

+6
source

One of the reasons for accidentally filling it out may be that from the RSA book with a low rate (say 3), you can simply crack it if the same message is sent to several people (three).

Therefore, you better make sure that you are not sending the same message by applying some random (but reversible) conversion to your message earlier.

Maybe this is something like an add-on !?

EDIT: I looked at Wikipedia. what I talked about is called the Hestad attack.

+3
source

I recently struggled to find out encryption ... this article really helped explain what happened by filling in:

http://www.di-mgt.com.au/cryptopad.html

(the method seemed to be the easiest for me)

I can share some code snippets if necessary.

PS This file also helped a lot to create secure keys (Google for it). PBKDF2.py - PKCS # 5 v2.0. Password output based on password.

+1
source

Not quite sure, but if you add a random component to the RSA message, it will prevent dictionary attacks

0
source

First, you should use AES, as it is a de facto standard.

AES encrypts bytes with a block size of 16 bytes. Obviously, this is great for any large piece of data. But the last bit, obviously, can be less than 16 bytes.

For the last block you will need to place it, and a typical addition is done through PCKS7, which is pretty straight forward.

Suppose you have a line: "icecream" as the last block.

"icecream" is 8 bytes, so you need 8 more bytes to make a block

So you just add the character 8 (not 8) 8 times

 "icecream\x08\x08\x08\x08\x08\x08\x08\x08"

There will be your final line. You will now encrypt the data.

Remember that when decrypting, you will need to catch this last block and remove the gasket before using it.

0
source

More articles:


All Articles