Is this really AES-CBC? #2

Closed
andreasmueller opened this Issue · 2 comments

3 participants

@andreasmueller

Hello

I tried using your gem to decrypt data, which was encrypted by another application using 128 bit AES-CBC. However, only the first 16 bytes were decrypted correctly. Since this is exactly one block, and because of the fact that I can't specify an IV, I was wondering if maybe fast-aes implements ECB, rather than CBC.

As I understand it, the advantage of CBC is that two blocks with the same plaintext should not result in identical ciphertext. This is an easy way to verify my assumption: create a file with e.g. 2x 128 bytes of identical random data (i.e. 8 16-byte blocks with random data, and the same 8 blocks again) and encrypt it:

dd if=/dev/urandom bs=1 count=128 of=random-test-data
cat random-test-data >> random-test-data_x2
cat random-test-data >> random-test-data_x2

irb
require 'fast-aes'
=> true
f = open('random-test-data_x2','r')

=> #<File:random-test-data_x2>

data = f.read()
=> [..]

aes = FastAES.new('0123456789abcdef')
=> #<FastAES:0x7fe37920aaa8>

encrypted_data = aes.encrypt(data)
=> [..]

encrypted_data[0..127]==encrypted_data[128..255]
=> true

As blocks 0-7 are identical to blocks 8-15, I assume that fast-aes indeed implements AES-ECB, rather than CBC.

Regards, Andreas

@udl
udl commented

Seems you're right!
We encrypted via PHP mcrypt_ecb and then could decrypt the result with fast-aes.

@nateware
Owner

Hi all,

I have updated the README to properly reflect the fact that it is ECB. Thanks for the catch.

Best,
Nate

@nateware nateware closed this
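The check Andreas ran, written out as a stand-alone example (added here; this is not code from the fast-aes gem or from anyone in the thread). It uses Ruby's OpenSSL binding instead of fast-aes so it runs anywhere, reuses the key from the issue, and builds the same 2x128-byte repeated-block input in memory rather than from a file. Beyond the yes/no test it shows three things: which ciphertext positions collide under ECB (block i equals block i+8, and nothing collides under CBC), why an ECB-only decrypt of CBC data returns exactly one correct block when the other side used an all-zero IV (the issue does not say what IV the other application used, so that zero IV is an assumption of the example), and how CBC decryption can be built on top of an ECB primitive by XORing each decrypted block with the previous ciphertext block, which is how one could actually consume that CBC data with an ECB-only library once the IV is known.

```ruby
require 'openssl'

BLOCK = 16 # AES block size in bytes

# Constructed test input mirroring the issue's dd/cat file: 8 random 16-byte
# blocks followed by the same 8 blocks again (256 bytes total).
def repeated_plaintext(blocks = 8)
  half = OpenSSL::Random.random_bytes(blocks * BLOCK)
  half + half
end

# Raw AES-128 via Ruby's OpenSSL binding (used here instead of the fast-aes
# gem). Padding is disabled so the ciphertext stays block-aligned and can be
# compared block by block; the IV is only applied for modes that take one.
def aes(mode, op, key, data, iv = nil)
  c = OpenSSL::Cipher.new("AES-128-#{mode}")
  c.send(op) # :encrypt or :decrypt
  c.key = key
  c.iv = iv if iv
  c.padding = 0
  c.update(data) + c.final
end

def blocks(data)
  data.bytes.each_slice(BLOCK).map { |b| b.pack('C*') }
end

# The ECB tell from the issue, generalised: map each ciphertext block to the
# positions where it occurs and keep only the ones that repeat. Under ECB a
# repeated plaintext block always yields a repeated ciphertext block; under
# CBC a repeat at two distinct positions is a 2^-128 accident.
def duplicate_blocks(ciphertext)
  positions = Hash.new { |h, k| h[k] = [] }
  blocks(ciphertext).each_with_index { |b, i| positions[b] << i }
  positions.select { |_, idx| idx.size > 1 }
end

def looks_like_ecb?(ciphertext)
  !duplicate_blocks(ciphertext).empty?
end

def xor(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# CBC decryption built on an ECB-only primitive: decrypt each block with the
# raw cipher, then XOR with the previous ciphertext block (the IV for block 0).
# This is also why a plain ECB decrypt of CBC data gets exactly the first
# block right when the IV is all zeros and garbles every block after it.
def cbc_decrypt_via_ecb(key, ciphertext, iv)
  prev = iv
  plain = blocks(ciphertext).map do |c|
    plain_block = xor(aes('ECB', :decrypt, key, c), prev)
    prev = c
    plain_block
  end
  plain.join
end

# Run the whole check with the key from the issue. Assumption (not stated in
# the issue): the other application used an all-zero IV.
def demo(key = '0123456789abcdef')
  pt  = repeated_plaintext
  iv  = "\0" * BLOCK
  ecb = aes('ECB', :encrypt, key, pt)
  cbc = aes('CBC', :encrypt, key, pt, iv)
  naive = aes('ECB', :decrypt, key, cbc) # what an ECB-only library gives for CBC data
  dups = duplicate_blocks(ecb)
  {
    ecb_repeats:    looks_like_ecb?(ecb),                         # true
    cbc_repeats:    looks_like_ecb?(cbc),                         # false
    ecb_dup_groups: dups.size,                                    # 8 distinct blocks repeat
    ecb_dup_offset: dups.values.all? { |v| v == [v[0], v[0] + 8] }, # block i == block i+8
    first_block_ok: naive[0, BLOCK] == pt[0, BLOCK],              # true only because IV is zero
    rest_ok:        naive[BLOCK..-1] == pt[BLOCK..-1],            # false: missing XOR chain
    chained_ok:     cbc_decrypt_via_ecb(key, cbc, iv) == pt       # true
  }
end

p demo if __FILE__ == $0
```

The duplicate-block scan is the same test that flags ECB in any black-box setting (a library, a web service, a file format): feed it input with repeated 16-byte blocks and look for repeated 16-byte ciphertext blocks. Note that the XOR-chaining decrypt only helps if the IV is known or derivable; with an unknown IV only the first block of plaintext is lost, every later block still decrypts correctly because its chaining value is the previous ciphertext block.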