开发者

Decrypt cipher text if know key, plain text, and somewhat sure of algorithm

开发者 https://www.devze.com 2023-02-19 07:20 出处:网络
Say I know that: a) Some plain text was encrypted with the following 128 bit key: 7, 185,138,208,128,211,227,11,63,145,255,245,1,7,177,231

Say I know that:

a) Some plain text was encrypted with the following 128 bit key: 7, 185,138,208,128,211,227,11,63,145,255,245,1,7,177,231

b) An empty string ALWAYS encrypts to the following base64: MEUxILm04F/S2qSIlJKdPQ==

c) A string of 662-862-4967 ALWAYS encrypts to the following base64: Zu51CRz6DOsTiLc8KhP1Aw==

d) The encryption method is likely AES 128 with a 128 bit block size.

Is is possible (and/or straigtforward) to back out the IV that was used if AES was implemented in CBC mode?

I've been trying to recreate the cypher text of MEUxILm04F/S2qSIlJKdPQ== (after base64) in .net using RijndaelManaged() in various modes and with (where applicable) different simple IVs like all zeros but I cannot reproduce.

Here's the code I'm using to try and encrypt a blank string to get MEUxILm04F/S2qSIlJKdPQ== with the key input as above (the commented lines are things I've tried):

Public Shared Function Encrypt(ByVal toEncrypt As String, ByVal keyArray As [Byte]()) As String

      Dim toEncryptArray As Byte() = UTF8Encoding.UTF8.GetBytes(toEncrypt)

      'Dim IV As Byte() = New Byte() {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}
      Dim IV As Byte() = New Byte(15) {}

      Dim rDel As New Rijnd开发者_如何学GoaelManaged()
      rDel.KeySize = 128
      rDel.BlockSize = 128

      rDel.IV = IV

      rDel.Key = keyArray
      'rDel.Mode = CipherMode.ECB   
      rDel.Mode = CipherMode.CBC

      rDel.Padding = PaddingMode.PKCS7
      'rDel.Padding = PaddingMode.Zeros

      Dim cTransform As ICryptoTransform = rDel.CreateEncryptor()
      Dim resultArray As Byte() = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length)
      Return Convert.ToBase64String(resultArray, 0, resultArray.Length)
   End Function


In CBC mode, the IV is XORed with the plaintext before encryption.

Therefore, extracting the IV for the first block (your outputs are both 128 bits) with an empty plaintext is equivalent to decrypting that block with your key.

However, your "128 bit key" appears to be 8 bits short, so I was unable to calculate the IV.

I used the following arguments to OpenSSL:

echo 'MEUxILm04F/S2qSIlJKdPQ==' | \
openssl enc -d -base64 | \
openssl enc -d -aes-128-ecb -K 'B98AD080D3E30B3F91FFF50107B1E7'
0

精彩评论

暂无评论...
验证码 换一张
取 消