ezPyCrypto keys

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • John Hunter
    #1

    ezPyCrypto keys


    I have been playing around with ezPyCrypto. I generated and printed a
    key with
    [color=blue][color=green][color=darkred]
    >>> import ezPyCrypto
    >>> k = ezPyCrypto.key( 2048)
    >>> print k.exportKey()[/color][/color][/color]

    I noticed there were a lot of N's and M's, too many to occur by chance

    s=k.exportKeyPr ivate()[color=blue][color=green][color=darkred]
    >>> s.count('N')/float(len(s))[/color][/color][/color]
    0.0978818998716 3029[color=blue][color=green][color=darkred]
    >>> s.count('M')/float(len(s))[/color][/color][/color]
    0.11

    I quit python and restarted it and generated a new key and found the
    same thing. Ditto when I exported the private key. I also found the
    keys generated in the two sessions to be quite similar (35% characters
    at a given position identical).

    What's going on? Is it abnormal for so many of the characters in the
    exported string to be the same? The machine I am running on is a
    server that rarely has anyone logged in directly. Is this a problem
    with not enough randomness in /dev/random?

    Thanks for any suggestions,
    John Hunter

    ezPyCrypto-0.1.1
    pycrypto-1.9a6
    python2.2
    mother:/var/tmp/ezPyCrypto-0.1.1> uname -a
    Linux mother.paradise .lost 2.4.9 #7 Fri Oct 12 15:20:49 CDT 2001 i686
    unknown


    Tags: None
    • Robert Kern
      #2
      Re: ezPyCrypto keys

      In article <mailman.106195 2360.8539.pytho [email protected] >,
      John Hunter <[email protected] sd.uchicago.edu > writes:

      [snip]
      [color=blue]
      > What's going on? Is it abnormal for so many of the characters in the
      > exported string to be the same? The machine I am running on is a
      > server that rarely has anyone logged in directly. Is this a problem
      > with not enough randomness in /dev/random?[/color]

      As Heiko suggests, it's just the serialization protocol that is creating
      this effect. ezPyCrypto keeps the key as a Python long, pickles it along
      with other information, then base64-encodes the resulting string. The
      pickled representation of a long doesn't contain the raw bytes; it
      contains the string representation, so the pickle contains a lot of
      decimal digits rather than a full 0-255 range of bytes. Naturally, this
      representation has redundancy which is made more apparent by the
      base64-encoding.

      All 2048 bits of entropy should still be there.
      [color=blue]
      > Thanks for any suggestions,
      > John Hunter[/color]

      --
      Robert Kern
      [email protected] u

      "In the fields of hell where the grass grows high
      Are the graves of dreams allowed to die."
      -- Richard Harter

        Comment

        Previous template Next
        Working...