First 8 byes of my encrypted data corrupting using 3DES and CBC

StackOverflow https://stackoverflow.com/questions/16349441

문제

I'm using PyCrypto in an application to encrypt data, but for some reason the first 8 bytes (corresponding to the first block) are coming through corrupt no matter what I do.

>>> from Crypto.Cipher import DES3
>>> from Crypto import Random
>>> iv = Random.new().read(DES3.block_size)
>>> key = Random.new().read(DES3.key_size[-1])
>>> des3 = DES3.new(key, DES3.MODE_CBC, iv)
>>> des3.decrypt(des3.encrypt('12345678abcdefgh12345678'))
't\x1b\x0f\xcbD\x15M\xababcdefgh12345678'

I've read that that's a sign that the IV is corrupt, but those sources also say that using a mode other than CBC would result in the entire message corrupting. That isn't the case:

>>> des3 = DES3.new(key, DES3.MODE_CFB, iv)
>>> des3.decrypt(des3.encrypt('12345678abcdefgh12345678'))
'\xe1\x85\xae,\xf1m\x83\x9cabcdefgh12345678'

I can also rule out the cipher as the cause:

>>> from Crypto.Cipher import AES
>>> from Crypto import Random
>>> iv = Random.new().read(AES.block_size)
>>> key = Random.new().read(AES.key_size[-1])
>>> aes = AES.new(key, AES.MODE_CBC, iv)
>>> aes.decrypt(aes.encrypt('12345678abcdefgh12345678abcdefgh'))
'\xa7l\x00]\x1cW\xec\xd0\x04\x06\xba&\x1663\xd712345678abcdefgh'

Note that in this example the first 16 bytes are corrupt, which corresponds to AES' block size.

도움이 되었습니까?

해결책

You have to reset IV vector before decryption. Try this code:

>>> from Crypto.Cipher import DES3
>>> from Crypto import Random
>>> iv = Random.new().read(DES3.block_size)
>>> key = Random.new().read(DES3.key_size[-1])
>>> des3enc = DES3.new(key, DES3.MODE_CBC, iv)
>>> des3dec = DES3.new(key, DES3.MODE_CBC, iv)
>>> des3dec.decrypt(des3enc.encrypt('12345678abcdefgh12345678'))

IV vector is changing after encryption / decryption each block. You used the same instance of DES3 class for encrypting and decrypting the message, therefore you had incorrect IV for decryption.

Hope above code works - I didn't test it.

More about CBC mode: http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top