开发者

How to check whether decrypting was successful?

开发者 https://www.devze.com 2022-12-15 17:17 出处:网络
When using blowfish algorithm from openssl library, one can encrypt and decrypt any data. Furthermore any data can be encrypted (decrypted) with any key\\iv. There is no way in openssl to tell whethe

When using blowfish algorithm from openssl library, one can encrypt and decrypt any data.

Furthermore any data can be encrypted (decrypted) with any key\iv. There is no way in openssl to tell whether decryption was successful or not. It's just some mathematical transformation.

So, what should I do to be sure that encryption w开发者_开发技巧as successful: that some data was decrypted with same key/iv which it was encrypted?

Should I add some MAGIC bytes in front of data that should be checked after decryption?


You can add a checksum (for instance, MD5 of the original content) at the end of the file. After you decrypt it, the last 16 bytes must again be equal to md5(content-16 bytes)


Of the many possible solutions, maybe consider using a CRC.


the checksum method at the end of the data is best I think, however it needs you to decrypt the entire content up to the end.

from this point of view, magic bytes at the beginning would be an advantage, because you can decide if decryption was successful at the very first block. however, one could argue that by inspection of your sourcecode, an attacker has a possible advantage (partially known plaintext scenario).

so what I did (finally within a productive software) was using the key itself for the first block (instead of using constant or predictable magic bytes). this results in the following additional knowledge for an attacker:

key = decrypt(ciphertext, key)

I didn't find a proof that this would be a useful hint for an attacker if you use e.g. AES. maybe someone knows more to this.


Magic bytes, checksums and encrypted encryption key all makes brute force attacks much easier as the attacker then only need to run through the 2ˆ256 possibilities where he can run the message through decrypt and look for that magic or the checksum or the key inside the decrypted data. It is much harder for him to break it if he has nothing to look for, meaning that he may break it and never realize it.

0

精彩评论

暂无评论...
验证码 换一张
取 消