Nobody <nob...@nowhere.com> writes: > RC4 (aka ArcFour) is quite trivial to implement, and better than inventing > your own cipher or using a Vignere: ...
That's a cute implementation, but it has no authentication and doesn't include any randomness, which means if you use the same key for two inputs, there is a security failure (xor'ing the two ciphertexts reveals the xor of the plaintexts). It also looks rather slow. I don't make any guarantees about p3.py, but it has been reviewed by several experts and appears to be reasonably sound for the type of casual use being discussed here, and it is tuned for speed (given the implementation constraints). For more demanding purposes, you should use a more serious library like one of the OpenSSL wrappers. -- http://mail.python.org/mailman/listinfo/python-list
