All geek questions in one place

I just wanted a DES 4096 byte of data with a 128-bit key

... and that nice people in OpenSSL who kindly provided me with this. :)

Now, since you should not guess when using cryptography , I come here to confirm: what function call do I want to use?

What i understood

The 128-bit key is 16 bytes in size, so I need a double DES (2 × 8 bytes). This leaves me with just a few function calls:

void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc); void DES_ede2_cbc_encrypt(const unsigned char *input, unsigned char *output, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_cblock *ivec, int enc); void DES_ede2_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_cblock *ivec, int *num, int enc); void DES_ede2_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, DES_key_schedule *ks1, DES_key_schedule *ks2, DES_cblock *ivec, int *num);

In this case, I think the function that I want to call DES_ede2_cfb64_encrypt , although I'm not so sure, I definitely do not need to fill in here, and I will need to take care that ivec and num , and how I want to generate them ...

What am I missing?

+4
source share
1 answer

DES_ede2_cbc_encrypt is a common choice. As for ivec (an 8-byte array), one of its functions is to prevent the same message encryption for the same encrypted text in a predictable way; if the adversary can tell from two encrypted texts whether they will encrypt the same plaintext (or only the same initial blocks), they can use this information. Thus, a different ivec used for each message; it should not be secret, just different. If you are really sure that you do not need it, you can set it to eight zero bytes. (For example, if you just use the key once, it is safe for this.)

+3
source

Source: https://habr.com/ru/post/1334864/

More articles:


All Articles