by andrewcooke
4775 days ago
You really need HMAC or similar. Someone else already said it, but in more words: in a practical system (that has error handling etc.) your current approach can allow someone to provide fake data. If they can trick you into repeating the same message (a random IV doesn't help), then they can use padding to work out which bits of the IV to flip to give any first block. And you including the length in the message only makes that easier (no second-block error). Better: why not implement a lower level without crypto, then layer known-good crypto on top? So just go for datagrams (UDP), then add reliability (TCP), then add, say, TLS. I don't know much about this (sorry), but I bet once you have UDP there are libraries to do almost all the rest.
https://pypi.python.org/pypi/simple-crypt
For Python 2 it is still a good PyCrypto example - the code is pretty simple.
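The point the comment makes, as an added example that is not part of the thread or of simple-crypt: unauthenticated CBC lets whoever can change the IV change the first plaintext block bit for bit, and encrypt-then-MAC with HMAC rejects the altered message before decryption. It is written in Go rather than Python because Go's standard library has AES-CBC and HMAC; the keys are constructed placeholders, and the IV passed to `seal` is assumed to come from crypto/rand in real use.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
)

// Constructed demo keys (hypothetical); real ones come from a KDF or CSPRNG.
var encKey = []byte("0123456789abcdef0123456789abcdef") // AES-256
var macKey = []byte("fedcba9876543210fedcba9876543210") // independent of encKey
// cbcEncrypt returns iv || PKCS#7-padded CBC ciphertext, with no authentication.
func cbcEncrypt(iv, plaintext []byte) []byte {
	n := aes.BlockSize - len(plaintext)%aes.BlockSize
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(n)}, n)...)
	block, _ := aes.NewCipher(encKey)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(padded, padded) // encrypt in place
	return append(append([]byte{}, iv...), padded...)
}
// cbcDecryptRaw decrypts iv || ct with no MAC check and returns the padded
// plaintext: flipping IV bit i flips bit i of plaintext block one, nothing else.
func cbcDecryptRaw(msg []byte) []byte {
	block, _ := aes.NewCipher(encKey)
	pt := make([]byte, len(msg)-aes.BlockSize)
	cipher.NewCBCDecrypter(block, msg[:aes.BlockSize]).CryptBlocks(pt, msg[aes.BlockSize:])
	return pt
}
// seal is encrypt-then-MAC: the HMAC-SHA256 tag covers the IV and the ciphertext.
func seal(iv, plaintext []byte) []byte {
	msg := cbcEncrypt(iv, plaintext)
	m := hmac.New(sha256.New, macKey)
	m.Write(msg)
	return m.Sum(msg) // iv || ct || tag
}
// open verifies the tag in constant time before decrypting, so a tampered IV is
// rejected outright instead of surfacing later as a padding or parse error.
func open(sealed []byte) ([]byte, error) {
	if len(sealed) < 2*aes.BlockSize+sha256.Size {
		return nil, errors.New("message too short")
	}
	msg, tag := sealed[:len(sealed)-sha256.Size], sealed[len(sealed)-sha256.Size:]
	m := hmac.New(sha256.New, macKey)
	m.Write(msg)
	if !hmac.Equal(m.Sum(nil), tag) {
		return nil, errors.New("authentication failed")
	}
	pt := cbcDecryptRaw(msg)
	return pt[:len(pt)-int(pt[len(pt)-1])], nil // padding is trusted: the tag covered it
}
```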