Question

I started toying with CryptoJS, and I noticed something strange: the ciphertext always starts with the same string of characters. Here is the code to perform the encryption (I know Math.random isn't cryptographically secure, this was just something quick and dirty).

function Controller($scope) {
    $scope.Text = "";
    $scope.CipherText = "";
    // Quick-and-dirty passphrase (the question notes Math.random() is not cryptographically secure)
    $scope.Key = Math.random().toString();

    $scope.Encrypt = function ($event) {
        // Passing a string as the key makes CryptoJS treat it as a passphrase and derive the key itself
        $scope.CipherText = CryptoJS.AES.encrypt($scope.Text, $scope.Key).toString();
    };
}

With the HTML:

<div ng-controller="Controller">
    <div>Your key is: "{{Key}}".</div>
    <div>
        <textarea ng-change="Encrypt()" ng-model="Text" maxlength="140">{{Text}}</textarea>
        <br />
        <span>{{Text.length}} of 140</span>
    </div>
    <div>
        <textarea ng-model="CipherText" maxlength="216">{{CipherText}}</textarea>
        <br />
        <span>{{CipherText.length}} of 216</span>
    </div>
</div>

After a few runs, I noticed that the base64 ciphertext always started with the same few characters. For the key 0.5640227501280606:

a: U2FsdGVkX19kMKXVbnJHKbEkrwctAm2YbOTnPmtGRCg=
b: U2FsdGVkX18+0sG2DQzVgHwxH2cvrSqaDIxOOkUt5YU=
c: U2FsdGVkX19xGQdT6OUhbyyg1zfgqpGnWvF5Ibqkuqc=

I've tried this with different keys, and different length plaintexts. The ciphertext always begins with U2FsdGVkX1. What's going on here? Is CryptoJS storing some internal information here? Or is this normal for AES under certain circumstances?

Solution

Decoding the strings, it seems

U2FsdGVkX19

decodes to

Salted_

so it's just a string added by CryptoJS as a salt.

OTHER TIPS

The initial string added to the ciphertext is "Salted__" (without the quotes, two underscores at the end), indicating that the next eight bytes are the salt value, followed by the ciphertext.

This is likely to keep binary compatibility with OpenSSL, which does the same if a password is used instead of a key. The key is then derived using the EVP_BytesToKey function. This is a proprietary protocol of OpenSSL; it is not a standardized method of adding a salt or deriving a key from a password.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow