You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the cleartext contents of this encrypted string are known, it is possible to alter the content of the encrypted string without knowledge of the key:
var tmp = Buffer.from(encryptedString, "hex");
var b1 = Buffer.from("bacon"), b2 = Buffer.from("hello");
for (var i = 0; i < b1.length; i++) {
tmp[i + 16] ^= b1[i] ^ b2[i];
}
var ep = tmp.toString("hex");
console.log(ep); // "bcb23b81c4839d06644792878e569de4f855ff8306"
And it decrypts to the target value:
var dp = cryptr.decrypt(ep);
console.log(dp); // "hello"
This is a really big deal from a cryptographic perspective. An attacker has just modified an encrypted message in transit, and you have no way of detecting it.
AES-CTR is not an appropriate cryptographic primitive for this use case. (Ironically, the previous choice of AES-CBC was somewhat less vulnerable to this attack.)
The text was updated successfully, but these errors were encountered:
Messages encrypted with Cryptr are vulnerable to malleability attacks.
For example, given the encrypted string from the usage sample:
If the cleartext contents of this encrypted string are known, it is possible to alter the content of the encrypted string without knowledge of the key:
And it decrypts to the target value:
This is a really big deal from a cryptographic perspective. An attacker has just modified an encrypted message in transit, and you have no way of detecting it.
AES-CTR is not an appropriate cryptographic primitive for this use case. (Ironically, the previous choice of AES-CBC was somewhat less vulnerable to this attack.)
The text was updated successfully, but these errors were encountered: