Package Cryptodome :: Package Cipher :: Module _mode_ctr :: Class CtrMode

Class CtrMode

object --+
         |
        CtrMode

CounTeR (CTR) mode.

This mode is very similar to ECB, in that encryption of one block is done independently of all other blocks.

Unlike ECB, the block position contributes to the encryption and no information leaks about symbol frequency.

Each message block is associated to a counter which must be unique across all messages that get encrypted with the same key (not just within the same message). The counter is as big as the block size.

Counters can be generated in several ways. The most straightword one is to choose an initial counter block (which can be made public, similarly to the IV for the other modes) and increment its lowest m bits by one (modulo 2^m) for each block. In most cases, m is chosen to be half the block size.

See NIST SP800-38A, Section 6.5 (for the mode) and Appendix B (for how to manage the initial counter block).

Instance Methods
 
encrypt(self, plaintext)
Encrypt data with the key and the parameters set at initialization.
 
decrypt(self, ciphertext)
Decrypt data with the key and the parameters set at initialization.

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __init__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Instance Variables
  nonce
Nonce; not available if there is a fixed suffix
  block_size
The block size of the underlying cipher, in bytes.
Properties

Inherited from object: __class__

Method Details

encrypt(self, plaintext)

 

Encrypt data with the key and the parameters set at initialization.

A cipher object is stateful: once you have encrypted a message you cannot encrypt (or decrypt) another message using the same object.

The data to encrypt can be broken up in two or more pieces and encrypt can be called multiple times.

That is, the statement:

>>> c.encrypt(a) + c.encrypt(b)

is equivalent to:

>>> c.encrypt(a+b)

This function does not add any padding to the plaintext.

Parameters:
  • plaintext (byte string) - The piece of data to encrypt. It can be of any length.
Returns:
the encrypted data, as a byte string. It is as long as plaintext.

decrypt(self, ciphertext)

 

Decrypt data with the key and the parameters set at initialization.

A cipher object is stateful: once you have decrypted a message you cannot decrypt (or encrypt) another message with the same object.

The data to decrypt can be broken up in two or more pieces and decrypt can be called multiple times.

That is, the statement:

>>> c.decrypt(a) + c.decrypt(b)

is equivalent to:

>>> c.decrypt(a+b)

This function does not remove any padding from the plaintext.

Parameters:
  • ciphertext (byte string) - The piece of data to decrypt. It can be of any length.
Returns:
the decrypted data (byte string).