diff options
| author | Hynek Schlawack <hs@ox.cx> | 2013-11-07 13:31:46 -0800 |
|---|---|---|
| committer | Hynek Schlawack <hs@ox.cx> | 2013-11-07 13:31:46 -0800 |
| commit | 847532605b463cb1a73b4acde68dbf059f911501 (patch) | |
| tree | 1c6d083d8e40c410719c5874a545ccad913833b1 /docs/hazmat/primitives/symmetric-encryption.rst | |
| parent | 60d4c68845aff3d44902cb978231fa01a5e74359 (diff) | |
| parent | 9de452d02ed0be26a86526fed5695a3f1a3db3a3 (diff) | |
| download | cryptography-847532605b463cb1a73b4acde68dbf059f911501.tar.gz cryptography-847532605b463cb1a73b4acde68dbf059f911501.tar.bz2 cryptography-847532605b463cb1a73b4acde68dbf059f911501.zip | |
Merge pull request #233 from alex/better-cbc-docs
Clarify correct IV usage
Diffstat (limited to 'docs/hazmat/primitives/symmetric-encryption.rst')
| -rw-r--r-- | docs/hazmat/primitives/symmetric-encryption.rst | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst index 7d3b072d..6fa71767 100644 --- a/docs/hazmat/primitives/symmetric-encryption.rst +++ b/docs/hazmat/primitives/symmetric-encryption.rst @@ -163,9 +163,29 @@ Modes to be kept secret (they can be included in a transmitted message). Must be the same number of bytes as the - ``block_size`` of the cipher. Do not - reuse an ``initialization_vector`` with - a given ``key``. + ``block_size`` of the cipher. Each time + something is encrypted a new + ``initialization_vector`` should be + generated. Do not reuse an + ``initialization_vector`` with + a given ``key``, and particularly do + not use a constant + ``initialization_vector``. + + A good construction looks like: + + .. code-block:: pycon + + >>> import os + >>> iv = os.urandom(16) + >>> mode = CBC(iv) + + While the following is bad and will leak information: + + .. code-block:: pycon + + >>> iv = "a" * 16 + >>> mode = CBC(iv) .. class:: CTR(nonce) |