16-bit Block Size on TripleDES CFB in C#

StackOverflow https://stackoverflow.com/questions/11246364

  •  17-06-2021
  •  | 
  •  

Question

I'm writing an application in C# that needs to decrypt some data that was encrypted by some legacy software. The legacy code loops over the unencrypted bytes in chunks of 8 and encrypts them via TripleDES in CBC mode. It then handles the remaining bytes by using TripleDES CFB, using a block size of the remaining amount (in this specific case, 2).

I can unencrypt the data from the first phase fine in C# using System.Security.Cryptography.TripleDES, since it allows for block sizes of 64 bits (8 bytes). The TripleDES class won't allow for a block size of 16 bits, however. The following code throws an error that says "Specified block size is not valid for this algorithm":

TripleDES provider = TripleDESCryptoServiceProvider.Create();
provider.Mode = CipherMode.CFB;
provider.BlockSize = 16; // exception thrown here

I'm assuming this is in place due to the weak nature of small block sizes. Unfortunately, it's what I'm stuck with. Are there any free third-party libraries that might support a 16-bit block size for TripleDES/CFB? Or are there any tricks I can use on this data set to make this work? I've checked the DES class to see if it supports 16-bit block sizes, but no dice...

I'm no cryptography expert, so if I end up having to roll my own code for TripleDES (over 2 bytes...grrr), any straight-forward articles on the details of the algorithm would be super helpful.

Was it helpful?

Solution

One possibility is that the last two bytes of the plaintext are simply XORed with the two bytes of the final encrypted cipher block, and the remainder is discarded. It should be simple enough to get this behavior using the .NET classes.

  1. Set the blocksize to 64 bits.
  2. Set the mode to CFB.
  3. Set the feedback size to 64 bits
  4. Pad the input to be a multiple of 8 bytes. It doesn't matter what padding you use because you are going to throw away the extra data.
  5. Transform the blocks.
  6. Throw away the residue.

OTHER TIPS

Though MSDN says you can set block size through that property, I think it's impossible to set 16-bit block size for 3DES since DES (and 3DES) was created to use 64-bit blocks only.

I guess that legacy software uses some padding scheme for the last block to be encrypted. Usually it's filling the remaining bytes with random values, and saving the number of these not-needed bytes to the last byte.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top