aespython pure Python implementation of AES
Dec. 5, 2010, 9:10 a.m.
I was perplexed by the lack of an easy AES implementation in Python 3.x. Then I found out why (speed) and did it anyway.
If you want something that is done completely in Python, works easily with 3.x, isn't very bloated, and works best with small chunks of data; look no further. I have tried to write it so that there aren't a lot of question as to what is going on. Where possible I used "pythonic" code...except some parts of key expansion and other places where it seemed more readable to do otherwise.
Please note that this is slow. If you want fast, you should choose something that implements the encryption methods closer to the metal. In many newer processors they can accelerate this in the CPU. Python is at least a couple of orders of magnitude slower than C or CPU accelerated AES. That said, I took a lot of steps to optimize the code and where possible use pre-computed tables instead of doing the math in the program. The fact remains that an 8KB file is almost instant, but a 275KB file takes about 8 seconds. I'm open to further optimization.
All of the key components of the encryption have built in unit testing using test vectors found in NIST specifications and some I derived from those. To avoid performing a lot of math in the code I used lookup tables for sbox, i_sbox, rcon, and Galois multiplication.
I've included a demo.py file which will perform openssl-like aes-256-cbc encryption on files. It isn't meant to be super secure, though I think it is. It is just a way to look at the package in use. There could be a side-channel attack on my password->key,IV generation. I can't think of one, but I'm not a cryptography expert. I have tried to introduce entropy between the password and the key as well as between the key and the IV.
If you want to drop me a line for corrections or speed improvements, feel free to use the contact link.
tags( #code #python #aespython ) Tweet