Databases
StackOverflow2013
Postsdbo
POAES 256 Encryption with PyCrypto using CBC mode - any weaknesses?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POAES 256 Encryption with PyCrypto using CBC mode - any weaknesses?
    text
    copied!<p>I have the following python script to encrypt/decrypt data using AES 256, could you please tell me if there's anything in the code that may make the encryption weak or if there's anything that I've not taken account of for AES 256 encryption using CBC mode? I've tested the script and it works fine, it is encrypting and decrypting data but just wanted a second opinion. Thanks.</p> <pre><code> from Crypto.Cipher import AES from Crypto import Random BLOCK_SIZE = 32 INTERRUPT = u'\u0001' PAD = u'\u0000' def AddPadding(data, interrupt, pad, block_size): new_data = ''.join([data, interrupt]) new_data_len = len(new_data) remaining_len = block_size - new_data_len to_pad_len = remaining_len % block_size pad_string = pad * to_pad_len return ''.join([new_data, pad_string]) def StripPadding(data, interrupt, pad): return data.rstrip(pad).rstrip(interrupt) SECRET_KEY = Random.new().read(32) IV = Random.new().read(16) cipher_for_encryption = AES.new(SECRET_KEY, AES.MODE_CBC, IV) cipher_for_decryption = AES.new(SECRET_KEY, AES.MODE_CBC, IV) def EncryptWithAES(encrypt_cipher, plaintext_data): plaintext_padded = AddPadding(plaintext_data, INTERRUPT, PAD, BLOCK_SIZE) encrypted = encrypt_cipher.encrypt(plaintext_padded) return encrypted def DecryptWithAES(decrypt_cipher, encrypted_data): decoded_encrypted_data = encrypted_data decrypted_data = decrypt_cipher.decrypt(decoded_encrypted_data) return StripPadding(decrypted_data, INTERRUPT, PAD) our_data_to_encrypt = u'abc11100000' encrypted_data = EncryptWithAES(cipher_for_encryption, our_data_to_encrypt) print ('Encrypted string:', encrypted_data) decrypted_data = DecryptWithAES(cipher_for_decryption, encrypted_data) print ('Decrypted string:', decrypted_data) </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload