All geek questions in one place

Padding - encryption algorithm

I am writing an implementation of the XXTEA encryption algorithm that works on "threads", i.e. can be used as: crypt mykey <myfile>.

One of the details is that he does not have access to the file at all (he only reads a block of a fixed size until he finds EOF). The algorithm requires that the data bytes be a multiple of 4, so it was necessary to add indentation.

For plain text, laying with NULL is a good solution, and NULL is simply ignored in decryption, but the same strategy cannot be used for binary streams (which may contain embedded NULLs).

I read general solutions, such as padding with the number of missing characters (if it missed 3 characters, then add 3, 3, 3 at the end), etc., but I wonder: a more elegant solution

+3
source share
4 answers

Reading the question, it seems that this aspect of security is controversial. Simply put, you have an api that expects to enter a few bytes of 4 bytes, which you don't always have.

3 , , . 0 exe , exe , . 0 pcx , pcx , .

, - , , , , : , .

+2

: http://msdn.microsoft.com/en-us/library/system.security.cryptography.paddingmode.aspx

, :

PKCS7. PKCS # 7 , .

ANSIX923 , .

ISO10126 .

:

: 01 01 01 01 01

PKCS № 7: 01 01 01 01 01 03 03 03

ANSIX923 01 01 01 01 01 00 00 03

ISO10126: 01 01 01 01 01 CD A9 03

+4

. , , , . , 4 - 64 , , .

, do-it-yourself - ; , . , this, , , - " " .

+3

, . RC4, , . , , , . ; RC4 .

If it needs to be filled, this is not an IMHO stream cipher. As if you type a multiple of 4 bytes or a multiple of 16 bytes, what's the big difference? And if it is filled with a multiple of 16 bytes, you can use almost any block cipher. In fact, your cipher is a block cipher, it just works with 4 byte blocks. It was a stream cipher in a system where each "character" is 4 bytes (for example, when encrypting UTF-32 text, in which case the data will always be short of 4, and therefore there will never be any additions).

-1
source

Source: https://habr.com/ru/post/1697889/

More articles:


All Articles