pycrypto AES CBC
I have written some code using the pycrypto library and I must be doing something wrong, but I can't figure out what it is that I am doing wrong. I can (nearly) decrypt messages with the wrong initialization vector even though I believe I am following their examples.
```python
from Crypto.Cipher import AES
import os
from string import ascii_letters

key, iv = os.urandom(32), os.urandom(16)
cipher = AES.new(key, AES.MODE_CBC, iv)
plaintext = ascii_letters.encode()  # the cipher operates on bytes
plaintext += b' ' * (-len(plaintext) % 16)  # Padding to a multiple of 16 bytes
ciphertext = cipher.encrypt(plaintext)

# Decrypt with a different, random IV
cipher = AES.new(key, AES.MODE_CBC, os.urandom(16))
text = cipher.decrypt(ciphertext)
# text[16:] == b'qrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ            '
```
Now aside from the first 16 bytes of the decrypted text, you have everything decrypted correctly with a totally random choice of IV. Can someone help me figure out where I am going wrong?
python encryption aes pycrypto
asked Nov 10 at 0:21
Lars
1 Answer
That's normal for cipher block chaining. In CBC decryption, the IV is only necessary to reconstruct the first block of plaintext. The computation of other blocks of plaintext doesn't actually involve the IV. Here's a diagram (source: Wikimedia user WhiteTimberwolf, public domain):
answered Nov 10 at 0:34
user2357112
So I guess I was misunderstanding the role of the IV. It is only there to make it more difficult to unravel the encryption by adding additional mixing, but not to add any additional element of security beyond the secrecy of the key. Thanks!
– Lars
Nov 10 at 11:49
@Lars: The IV does improve security; attacks that would be possible if CBC did not have an IV are not possible due to the IV. However, it is not supposed to be a secret, and the fact that most of the plaintext can be recovered without the IV does not reduce the system's security.
– user2357112
Nov 10 at 15:01
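The chaining rule the answer describes, as an added example that is not part of the original thread: CBC written out by hand over a toy Feistel block cipher (an assumption, standing in for AES so the block runs on the standard library alone). It shows that a wrong IV corrupts only the first block, and that reusing an IV exposes equal plaintext prefixes while a fresh random IV does not; all function names are illustrative.

```python
import hashlib
import os

BLOCK = 16

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, i, half):  # Feistel round function: keyed BLAKE2b, 8-byte output
    return hashlib.blake2b(half, key=key, salt=bytes([i]), digest_size=8).digest()

def block_encrypt(key, block):  # toy stand-in for AES (assumption), not for real use
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right

def block_decrypt(key, block):
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right

def cbc_encrypt(key, iv, plaintext):
    prev, out = iv, b""
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, _xor(plaintext[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key, iv, ciphertext):
    # P_i = D_K(C_i) XOR C_(i-1), with C_0 = IV: only P_1 ever touches the IV.
    prev, out = iv, b""
    for i in range(0, len(ciphertext), BLOCK):
        out += _xor(block_decrypt(key, ciphertext[i:i + BLOCK]), prev)
        prev = ciphertext[i:i + BLOCK]
    return out

def demo():
    key, iv, wrong_iv = os.urandom(32), os.urandom(BLOCK), os.urandom(BLOCK)
    msg = b"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" + b" " * 12  # constructed
    ct = cbc_encrypt(key, iv, msg)
    garbled = cbc_decrypt(key, wrong_iv, ct)
    return {
        "tail_intact": garbled[BLOCK:] == msg[BLOCK:],
        "head_error_is_iv_xor": _xor(garbled[:BLOCK], msg[:BLOCK]) == _xor(iv, wrong_iv),
        "same_iv_leaks_prefix": cbc_encrypt(key, iv, msg[:BLOCK] + b"X" * 16)[:BLOCK] == ct[:BLOCK],
        "fresh_iv_hides_prefix": cbc_encrypt(key, os.urandom(BLOCK), msg)[:BLOCK] != ct[:BLOCK],
    }
```

Calling `demo()` returns four flags, all `True`. Because the error in the first block equals the XOR of the two IVs, CBC on its own also gives no integrity protection for that block.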