[erlang-questions] blowfish cbc mode decrypt

Bogdan Andu bog495@REDACTED
Thu Nov 12 10:03:49 CET 2015


RFC2898 (PKCS#5) describes the PBKDF2 function,
so it would be nice to have such functions available
for key derivation for encryption and for MAC computations.
At least this could be handled in user code.

The CouchDB project also has a PBKDF2 implementation.

Other issues would be:
1) padding for CBC mode - should be done internally
2) a universally accepted (and implemented) protocol
    for key derivation in encryption schemes

Bogdan
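As an added illustration (not code from this thread, from Crypt::CBC or from OTP's crypto), here is what the user-code route above looks like, in Python because everything needed is in its standard library: PBKDF2 (RFC 2898) with a random salt, one derivation split into separate encryption and MAC keys, PKCS#5 padding for an 8-byte block cipher such as Blowfish, and an HMAC tag over IV and ciphertext. The `legacy_md5_chain_key` function mirrors the Erlang `blowfish_key_from_key/1` quoted further down, for comparison only; the function names, key lengths and the 200,000 iteration count are my assumptions.

```python
import hashlib
import hmac
import os

BLOCK = 8  # Blowfish block size in bytes; CBC input must be a multiple of this

# Mirrors the posted Erlang blowfish_key_from_key/1: MD5 of the passphrase, then
# MD5 of the running material until 56 bytes (Blowfish's maximum key) exist.
# No salt and one cheap hash per step, which is what drew the objection below.
def legacy_md5_chain_key(passphrase: bytes, key_len: int = 56) -> bytes:
    material = hashlib.md5(passphrase).digest()
    while len(material) < key_len:
        material += hashlib.md5(material).digest()
    return material[:key_len]

# RFC 2898 PBKDF2 with a random salt and a work factor; one derivation whose
# output is split so the cipher key and the MAC key never share bytes.
def derive_keys(passphrase: bytes, salt: bytes, iterations: int = 200_000,
                enc_len: int = 32, mac_len: int = 32) -> tuple:
    dk = hashlib.pbkdf2_hmac("sha256", passphrase, salt, iterations,
                             dklen=enc_len + mac_len)
    return dk[:enc_len], dk[enc_len:]

def new_salt() -> bytes:
    return os.urandom(16)  # stored next to the ciphertext, never secret

# PKCS#5 padding: always append 1..BLOCK bytes, each equal to the pad length,
# so an input that is already aligned gets a whole extra block.
def pkcs5_pad(data: bytes) -> bytes:
    n = BLOCK - (len(data) % BLOCK)
    return data + bytes([n]) * n

def pkcs5_unpad(data: bytes) -> bytes:
    if not data or len(data) % BLOCK:
        raise ValueError("length is not a multiple of the block size")
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return data[:-n]

# Encrypt-then-MAC: the tag covers IV and ciphertext and is checked with a
# constant-time compare before any padding is inspected.
def mac_tag(mac_key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    return hmac.new(mac_key, iv + ciphertext, hashlib.sha256).digest()

def mac_ok(mac_key: bytes, iv: bytes, ciphertext: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_tag(mac_key, iv, ciphertext), tag)
```

The salt and iteration count travel with the ciphertext; the point of the comparison is that `legacy_md5_chain_key` gives the same key for the same passphrase every time, while `derive_keys` does not.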

On Thu, Nov 12, 2015 at 1:00 AM, Technion <technion@REDACTED> wrote:

> Hi,
>
>
> I appreciate in this case, the limitation is meeting compatibility with an
> existing product.
>
>
> In terms of "things missing", if the goal is just "strong crypto", it's
> hard to go past libsodium, which has this erlang binding:
>
>
> https://github.com/tonyg/erlang-nacl
>
> ------------------------------
> *From:* Bogdan Andu <bog495@REDACTED>
> *Sent:* Wednesday, 11 November 2015 7:28 PM
> *To:* Technion
> *Cc:* Dmitry Kolesnikov; Erlang
> *Subject:* Re: [erlang-questions] blowfish cbc mode decrypt
>
> the purpose of this function was to handle
> encrypted data generated by Crypt::CBC perl module from cpan:
> http://search.cpan.org/~lds/Crypt-CBC-2.33/CBC.pm
>
> funny thing is there is php module (that emulates Crypt::CBC):
> http://pear.php.net/package/Crypt_CBC
>
> may be a more general approach would be to make use of PBKDF2
> and *ALL* implementation must agree on a single pbkdf algorithm.
>
>
> I have also observed that padding is not handled also for blowfish_cbc
> block cipher, at least.
>
> Basically there are a few things missing for non-ECB modes of operation
> (CBC, CFB, CTR) for block ciphers,
> among them being padding and a universal password-based key derivation
> function algorithm.
>
> Bogdan
>
> On Wed, Nov 11, 2015 at 1:22 AM, Technion <technion@REDACTED> wrote:
>
>> Hi,
>>
>>
>> I'm not sure if you have other mitigating code, but I'd be concerned
>> about calling two calls to MD5 on a passphrase a "derived key" - this would
>> be very weak crypto.
>>
>>
>> ------------------------------
>> *From:* erlang-questions-bounces@REDACTED <
>> erlang-questions-bounces@REDACTED> on behalf of Bogdan Andu <
>> bog495@REDACTED>
>> *Sent:* Wednesday, 11 November 2015 12:51 AM
>> *To:* Dmitry Kolesnikov
>> *Cc:* Erlang
>> *Subject:* Re: [erlang-questions] blowfish cbc mode decrypt
>>
>> I was thinking that is handled internally...
>>
>> however, this did the trick (for randomiv mode of operation):
>>
>> blowfish_key_from_key(Key) ->
>>     Temp = crypto:md5(Key),
>>     blowfish_key_from_key1(Temp).
>>
>> blowfish_key_from_key1(Temp) when size(Temp) < 56 ->
>>     Temp1 = crypto:md5(Temp),
>>     blowfish_key_from_key1(<<Temp/binary, Temp1/binary>>);
>>
>> blowfish_key_from_key1(Temp) ->
>>     <<Temp1:56/binary, _Rest/bitstring>> = Temp,
>>     Temp1.
>>
>> I think that crypto should have this kind of helper function
>> because, like in cases of the blowfish cipher, whose key length can
>> be variable, it could be useful in using the cipher correctly, and people
>> would know that some things are not implied.
>>
>> Thanks,
>> Bogdan
>>
>>
>> On Tue, Nov 10, 2015 at 1:15 PM, Dmitry Kolesnikov <
>> dmkolesnikov@REDACTED> wrote:
>>
>>> Hello,
>>>
>>> Yes, this is what I thought. You are using the wrong key to decrypt data on
>>> the Erlang side.
>>>
>>> Please notice that
>>>
>>> “Crypt::CBC can derive the key and the IV from a passphrase that you
>>> provide, or can let you specify the true key and IV manually…
>>>
>>> The -key argument provides either a passphrase to use to generate the
>>> encryption key, or the literal value of the block cipher key. If used in
>>> passphrase mode (which is the default), -key can be any number of
>>> characters; the actual key will be derived by passing the passphrase
>>> through a series of MD5 hash operations.”
>>>
>>> So, in your example Key is not an encryption key, this is a pass-phrase.
>>> The Erlang implementation expects that you provide the actual key.
>>>
>>> I do not know how perl’s Crypt::CBC derives the key from passphrases. You
>>> can either reverse engineer that piece of code or you can use a literal key.
>>>
>>>
>>> Best Regards,
>>> Dmitry
>>>
>>>
>>> > On Nov 10, 2015, at 11:58 AM, Bogdan Andu <bog495@REDACTED> wrote:
>>> >
>>> > use strict;
>>> > use warnings;
>>> > use MIME::Base64;
>>> >
>>> > use Crypt::CBC;
>>> > #use Digest::HMAC_SHA1 qw(hmac_sha1 hmac_sha1_hex);
>>> > use PHP::Serialization qw(serialize unserialize);
>>> >
>>> > my $pt = 'a:10:{s:6:"adresa";s:89:"Address 2 TEST
>>> > \xc3\x84\xc2\x83\xc3\x83\xc2\xae\xc3\x88\xc2\x99\xc3\x88\xc2\x9b\xc3\x88\xc2\x99\xc3\x88\xc2\x9bbl
>>> > 7bap 71district
>>> > XXXBucure\xc3\x88\xc2\x99tiJUDE\xc3\x88\xc2\x9a031905RO";s:4:"info";i:1460382;s:7:"urlback";s:41:"
>>> > https://192.162.16.116:8020/snep_response";s:4:"cuip";s:18:"Cererea nr
>>> > 1460382";s:6:"idtaxa";i:5001;s:5:"email";s:16:"xxx123@REDACTED";s:4:"nume";s:55:"\xc3\x88\xc2\x99
>>> > \xc3\x88\xc2\x9b \xc3\x84\xc2\x83 \xc3\x83\xc2\xae \xc3\x83\xc2\xa2
>>> > \xc3\x83\xc2\x82 \xc3\x83\xc2\x8e \xc3\x84\xc2\x82 \xc3\x88\xc2\x98
>>> > \xc3\x88\xc2\x9a u\xc3\x83\xc2\xa7";s:3:"cui";s:18:"Cererea nr
>>> > 1460382";s:9:"idnomunic";i:13;s:4:"suma";d:262.69;}';
>>> >
>>> > print $pt, "\n";
>>> >
>>> > my $key = "12345678900987654321001234567890";
>>> > my $cipher = Crypt::CBC->new(
>>> >     -key    => $key,
>>> >     -cipher => 'Blowfish',
>>> >     -header => 'randomiv'
>>> > );
>>> >
>>> >         #       print "$pt\n";
>>> > my $encpt = $cipher->encrypt($pt);
>>> > print "\n$encpt", "\n";
>>> >
>>> > print "\n", encode_base64($encpt), "\n";
>>> >
>>> > ## TEST
>>> > my $decpt = $cipher->decrypt($encpt);
>>> > print "\n$decpt", "\n";
>>>
>>>
>>
>