All geek questions in one place

Golang AES ECB Encryption

Attempts to emulate an algorithm in Go, which basically encrypts AES ECB mode.

That's what i still have

func Decrypt(data []byte) []byte { cipher, err := aes.NewCipher([]byte(KEY)) if err == nil { cipher.Decrypt(data, PKCS5Pad(data)) return data } return nil }

I also have a PKCS5Padding algorithm that is tested and works, which first loads the data. I cannot find information on how to switch encryption mode to Go AES package (this is definitely not in the docs ).

I have this code in another language, since I know that this algorithm does not work correctly.

EDIT: Here is the method that I interpreted on the problem page

 func AESECB(ciphertext []byte) []byte { cipher, _ := aes.NewCipher([]byte(KEY)) fmt.Println("AESing the data") bs := 16 if len(ciphertext)%bs != 0 { panic("Need a multiple of the blocksize") } plaintext := make([]byte, len(ciphertext)) for len(plaintext) > 0 { cipher.Decrypt(plaintext, ciphertext) plaintext = plaintext[bs:] ciphertext = ciphertext[bs:] } return plaintext }

This actually does not return any data, maybe I screwed something when I change it from encripting to decripting

+6
source share
4 answers

ECB is intentionally banned because it is unsafe, check question 5597 .

+6
source

I used your code, so I feel the need to show you how I fixed it.

I am making cryptopals to solve this problem in Go.

I will guide you through the error as the code is mostly correct.

 for len(plaintext) > 0 { cipher.Decrypt(plaintext, ciphertext) plaintext = plaintext[bs:] ciphertext = ciphertext[bs:] }

The loop decrypts the data, but does not put it anywhere. It simply shifts two arrays without creating an output.

 i := 0 plaintext := make([]byte, len(ciphertext)) finalplaintext := make([]byte, len(ciphertext)) for len(ciphertext) > 0 { cipher.Decrypt(plaintext, ciphertext) ciphertext = ciphertext[bs:] decryptedBlock := plaintext[:bs] for index, element := range decryptedBlock { finalplaintext[(i*bs)+index] = element } i++ plaintext = plaintext[bs:] } return finalplaintext[:len(finalplaintext)-5]

What this new enhancement is is to save the decrypted data into a new [] byte called finalplaintext. If you return, you will receive data.

This is important because the Decrypt function only works with one block size at a time.

I am returning the fragment because I suspect that it has been completed. I am new to cryptography. Go so that someone can fix / revise it.

+3
source

ESB is a very easy way to work. Encrypted data is divided into byte blocks having the same size. For each block, a cipher is used, in this case AES , generating an encrypted block.

The following is a snippet of code that decrypts AES-128 data in ECB (note that the block size is 16 bytes):

 package main import ( "crypto/aes" ) func DecryptAes128Ecb(data, key []byte) []byte { cipher, _ := aes.NewCipher([]byte(key)) decrypted := make([]byte, len(data)) size := 16 for bs, be := 0, size; bs < len(data); bs, be = bs+size, be+size { cipher.Decrypt(decrypted[bs:be], data[bs:be]) } return decrypted }

As @OneOfOne mentioned, ECBs are unsafe and very easy to detect, because duplicate blocks will always be encrypted into the same encrypted blocks. This Crypto SE answer gives a very good explanation of why.

+2
source

I was confused by several things.

At first I needed a version of the aes-256 algorithm, but obviously aes.Blocksize (16) will not change if the specified key is 32 in length. So just give a 32 key in order to create the aes-256 algorithm

Secondly, the decrypted value still contains indentation, and the padding value changes depending on the length of the encrypted string. For instance. when there are 5 fill characters, the fill character will be 5.

Here is my function that returns a string:

 func DecryptAes256Ecb(hexString string, key string) string { data, _ := hex.DecodeString(hexString) cipher, _ := aes.NewCipher([]byte(key)) decrypted := make([]byte, len(data)) size := 16 for bs, be := 0, size; bs < len(data); bs, be = bs+size, be+size { cipher.Decrypt(decrypted[bs:be], data[bs:be]) } // remove the padding. The last character in the byte array is the number of padding chars paddingSize := int(decrypted[len(decrypted)-1]) return string(decrypted[0 : len(decrypted)-paddingSize]) }
-1
source

Source: https://habr.com/ru/post/970417/

More articles:


All Articles