[erlang-questions] blowfish cbc mode decrypt

Dmitry Kolesnikov dmkolesnikov@REDACTED
Thu Nov 12 10:22:42 CET 2015


Hello,

Meanwhile, you can use this one:
https://github.com/fogfish/feta/blob/master/src/hash.erl#L177

Best Regards, 
Dmitry


> On Nov 12, 2015, at 11:03 AM, Bogdan Andu <bog495@REDACTED> wrote:
> 
> RFC2898 (PKCS#5) describes the PBKDF2 function,
> so it would be nice to have such functions available
> for key derivation for encryption and for MAC computations.
> At least this could be handled in user code.
> 
> CouchDB project has also a PBKDF2 implementation
> 
> Other issues would be :
> 1) padding for CBC mode - should be done internally
> 2) a universally accepted (and implemented) protocol
>     for key derivation in encryption schemes
> 
> Bogdan
> 
> On Thu, Nov 12, 2015 at 1:00 AM, Technion <technion@REDACTED> wrote:
> Hi,
> 
> 
> I appreciate that in this case the limitation is meeting compatibility with an existing product.
> 
> 
> In terms of "things missing", if the goal is just "strong crypto", it's hard to go past libsodium, which has this erlang binding:
> 
> 
> https://github.com/tonyg/erlang-nacl
> 
> From: Bogdan Andu <bog495@REDACTED>
> Sent: Wednesday, 11 November 2015 7:28 PM
> To: Technion
> Cc: Dmitry Kolesnikov; Erlang
> Subject: Re: [erlang-questions] blowfish cbc mode decrypt
>  
> The purpose of this function was to handle
> encrypted data generated by the Crypt::CBC Perl module from CPAN:
> http://search.cpan.org/~lds/Crypt-CBC-2.33/CBC.pm
> 
> The funny thing is there is a PHP module (that emulates Crypt::CBC):
> http://pear.php.net/package/Crypt_CBC
> 
> Maybe a more general approach would be to make use of PBKDF2,
> and *ALL* implementations must agree on a single PBKDF algorithm.
> 
> 
> I have also observed that padding is not handled for the blowfish_cbc
> block cipher, at least.
> 
> Basically there are a few things missing for non-ECB modes of operation (CBC, CFB, CTR) for block ciphers,
> among them being padding and a universal password-based key derivation function algorithm.
> 
> Bogdan
> 
> On Wed, Nov 11, 2015 at 1:22 AM, Technion <technion@REDACTED> wrote:
> Hi,
> 
> 
> I'm not sure if you have other mitigating code, but I'd be concerned about calling two MD5 calls on a passphrase a "derived key"; this would be very weak crypto.
> 
> 
> From: erlang-questions-bounces@REDACTED <erlang-questions-bounces@REDACTED> on behalf of Bogdan Andu <bog495@REDACTED>
> Sent: Wednesday, 11 November 2015 12:51 AM
> To: Dmitry Kolesnikov
> Cc: Erlang
> Subject: Re: [erlang-questions] blowfish cbc mode decrypt
>  
> I was thinking that it is handled internally...
> 
> However, this did the trick (for the randomiv mode of operation):
> 
> %% Derive the 56-byte Blowfish key the way Crypt::CBC does in passphrase
> %% mode: md5(Key), then keep appending md5 of everything accumulated so far
> %% until there are at least 56 bytes, and cut the result to 56 bytes.
> blowfish_key_from_key(Key) ->
>     Temp = crypto:hash(md5, Key),   % crypto:md5/1 was deprecated and later removed
>     blowfish_key_from_key1(Temp).
> 
> blowfish_key_from_key1(Temp) when byte_size(Temp) < 56 ->
>     Temp1 = crypto:hash(md5, Temp),
>     blowfish_key_from_key1(<<Temp/binary, Temp1/binary>>);
> 
> blowfish_key_from_key1(Temp) ->
>     <<Temp1:56/binary, _Rest/binary>> = Temp,
>     Temp1.
> 
> I think that crypto should have this kind of helper function
> because, as in the case of the Blowfish cipher, whose key length can
> be variable, it could be useful in using the cipher correctly, and people
> would know that some things are not implied.
> 
> Thanks,
> Bogdan
> 
> 
> On Tue, Nov 10, 2015 at 1:15 PM, Dmitry Kolesnikov <dmkolesnikov@REDACTED> wrote:
> Hello,
> 
> Yes, this is what I thought. You are using the wrong key to decrypt data on the Erlang side.
> 
> Please notice that
> 
> “Crypt::CBC can derive the key and the IV from a passphrase that you provide, or can let you specify the true key and IV manually…
> 
> The -key argument provides either a passphrase to use to generate the encryption key, or the literal value of the block cipher key. If used in passphrase mode (which is the default), -key can be any number of characters; the actual key will be derived by passing the passphrase through a series of MD5 hash operations.”
> 
> So, in your example Key is not an encryption key, it is a passphrase. Erlang's implementation expects that you provide the actual key.
> 
> I do not know how Perl's Crypt::CBC derives the key from passphrases. You can either reverse engineer that piece of code or you can use a literal key.
> 
> 
> Best Regards,
> Dmitry
> 
> 
> > On Nov 10, 2015, at 11:58 AM, Bogdan Andu <bog495@REDACTED> wrote:
> >
> > use strict;
> > use warnings;
> > use MIME::Base64;
> >
> > use Crypt::CBC;
> > #use Digest::HMAC_SHA1 qw(hmac_sha1 hmac_sha1_hex);
> > use PHP::Serialization qw(serialize unserialize);
> >
> > my $pt = 'a:10:{s:6:"adresa";s:89:"Address 2 TEST \xc3\x84\xc2\x83\xc3\x83\xc2\xae\xc3\x88\xc2\x99\xc3\x88\xc2\x9b\xc3\x88\xc2\x99\xc3\x88\xc2\x9bbl 7bap 71district XXXBucure\xc3\x88\xc2\x99tiJUDE\xc3\x88\xc2\x9a031905RO";s:4:"info";i:1460382;s:7:"urlback";s:41:"https://192.162.16.116:8020/snep_response";s:4:"cuip";s:18:"Cererea nr 1460382";s:6:"idtaxa";i:5001;s:5:"email";s:16:"xxx123@REDACTED";s:4:"nume";s:55:"\xc3\x88\xc2\x99 \xc3\x88\xc2\x9b \xc3\x84\xc2\x83 \xc3\x83\xc2\xae \xc3\x83\xc2\xa2 \xc3\x83\xc2\x82 \xc3\x83\xc2\x8e \xc3\x84\xc2\x82 \xc3\x88\xc2\x98 \xc3\x88\xc2\x9a u\xc3\x83\xc2\xa7";s:3:"cui";s:18:"Cererea nr 1460382";s:9:"idnomunic";i:13;s:4:"suma";d:262.69;}';
> >
> > print $pt, "\n";
> >
> > my $key = "12345678900987654321001234567890";
> > my $cipher = Crypt::CBC->new(
> >     -key    => $key,
> >     -cipher => 'Blowfish',
> >     -header => 'randomiv'
> > );
> >
> >         #       print "$pt\n";
> > my $encpt = $cipher->encrypt($pt);
> > print "\n$encpt", "\n";
> >
> > print "\n", encode_base64($encpt), "\n";
> >
> > ## TEST
> > my $decpt = $cipher->decrypt($encpt);
> > print "\n$decpt", "\n";
> 
> 
> 
> 
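Putting the pieces of the thread together, here is an added example (not code from the thread, from Crypt::CBC, or from OTP) of reading a Crypt::CBC "randomiv" blob from Erlang: the chained-MD5 passphrase derivation quoted above, the "RandomIV" plus 8-byte IV header that Crypt::CBC 2.33 writes in that mode, and the PKCS#5 unpadding that the crypto module leaves to the caller. Module and function names are my own. It assumes OTP 22 or later and that crypto:crypto_one_time/5 accepts Blowfish's variable key length (56 bytes here), as the OTP 18 call in Bogdan's working code did; on OTP 18 to 22 the equivalent calls are crypto:block_decrypt/4 and crypto:block_encrypt/4.

```erlang
%% crypt_cbc_compat.erl -- added example, not code from the thread,
%% from Crypt::CBC or from OTP.  Reads (and, for testing, writes) the
%% format Perl's Crypt::CBC 2.33 produces for
%%   Crypt::CBC->new(-key => $pass, -cipher => 'Blowfish', -header => 'randomiv')
%% Layout: <<"RandomIV", IV:8/binary, CBCCipherText/binary>>
%% Key:    chained MD5 of the passphrase cut to 56 bytes (Crypt::Blowfish keysize)
%% Padding: PKCS#5, always present.  No MAC of any kind.
%% Assumes OTP 22+; crypto_one_time/5 is assumed to take a 56-byte Blowfish key.
-module(crypt_cbc_compat).
-export([derive_key/2, decrypt_randomiv/2, encrypt_randomiv/2,
         pkcs5_pad/2, pkcs5_unpad/2, selftest/0]).

-define(BLOCK, 8).        % Blowfish block size; randomiv mode needs 8
-define(BF_KEYSIZE, 56).  % what Crypt::CBC asks Crypt::Blowfish for

%% Crypt::CBC passphrase mode: material = md5(pass);
%% while length(material) < keysize: material .= md5(material).
%% Same algorithm as blowfish_key_from_key/1 earlier in the thread.
derive_key(Passphrase, KeySize) when is_binary(Passphrase), KeySize > 0 ->
    derive_key_loop(crypto:hash(md5, Passphrase), KeySize).

derive_key_loop(Material, KeySize) when byte_size(Material) >= KeySize ->
    binary:part(Material, 0, KeySize);
derive_key_loop(Material, KeySize) ->
    Next = crypto:hash(md5, Material),
    derive_key_loop(<<Material/binary, Next/binary>>, KeySize).

%% Parse the header, decrypt, strip the padding.  Malformed input gives
%% an error tuple instead of a badmatch crash.
decrypt_randomiv(Passphrase, <<"RandomIV", IV:?BLOCK/binary, CT/binary>>)
  when byte_size(CT) > 0, byte_size(CT) rem ?BLOCK =:= 0 ->
    Key    = derive_key(Passphrase, ?BF_KEYSIZE),
    Padded = crypto:crypto_one_time(blowfish_cbc, Key, IV, CT, false),
    pkcs5_unpad(Padded, ?BLOCK);
decrypt_randomiv(_Passphrase, _Blob) ->
    {error, bad_header}.

%% The inverse, so the module can be round-trip tested without Perl.
encrypt_randomiv(Passphrase, Plain) when is_binary(Plain) ->
    Key = derive_key(Passphrase, ?BF_KEYSIZE),
    IV  = crypto:strong_rand_bytes(?BLOCK),
    CT  = crypto:crypto_one_time(blowfish_cbc, Key, IV,
                                 pkcs5_pad(Plain, ?BLOCK), true),
    <<"RandomIV", IV/binary, CT/binary>>.

%% PKCS#5: always append N bytes of value N, 1 =< N =< Block.
pkcs5_pad(Bin, Block) ->
    N = Block - (byte_size(Bin) rem Block),
    <<Bin/binary, (binary:copy(<<N>>, N))/binary>>.

%% Accept only N copies of N.  Do not let a remote peer distinguish this
%% error from bad_header or a MAC failure; that difference is a padding oracle.
pkcs5_unpad(Padded, Block) when byte_size(Padded) >= Block,
                                byte_size(Padded) rem Block =:= 0 ->
    N   = binary:last(Padded),
    Len = byte_size(Padded) - N,
    case N >= 1 andalso N =< Block andalso
         binary:part(Padded, Len, N) =:= binary:copy(<<N>>, N) of
        true  -> {ok, binary:part(Padded, 0, Len)};
        false -> {error, bad_padding}
    end;
pkcs5_unpad(_Padded, _Block) ->
    {error, bad_padding}.

%% Constructed sample input; the passphrase is the one from the Perl script.
selftest() ->
    Pass  = <<"12345678900987654321001234567890">>,
    Plain = <<"a:1:{s:4:\"suma\";d:262.69;}">>,
    56 = byte_size(derive_key(Pass, ?BF_KEYSIZE)),
    Blob = encrypt_randomiv(Pass, Plain),
    {ok, Plain}          = decrypt_randomiv(Pass, Blob),
    {error, bad_header}  = decrypt_randomiv(Pass, <<"Salted__", 0:128>>),
    {error, bad_padding} = pkcs5_unpad(<<"ABCDEFG", 9>>, ?BLOCK),
    ok.
```

Compile with erlc and run crypt_cbc_compat:selftest() for the round trip; to check against the Perl script itself, base64-decode its printed output and hand the bytes to decrypt_randomiv/2 with the same passphrase. Two things the compatibility buys you nothing on: the key is still only as strong as Technion's remark implies (unsalted MD5 of a passphrase), and nothing authenticates the ciphertext, so a caller that reports bad_padding differently from any other failure to the party who sent the data has built a padding oracle.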


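On Bogdan's point that PBKDF2 can at least be handled in user code: an added example, not code from the thread or from OTP, of RFC 2898 (PKCS#5) PBKDF2 built on the crypto module's HMAC. Module and function names are my own; it assumes OTP 22.1 or later for crypto:mac/4 (older releases spell the same call crypto:hmac/3), and selftest/0 checks it against the RFC 6070 vectors.

```erlang
%% pbkdf2_user.erl -- added example, not code from the thread or from OTP.
%% PBKDF2 (RFC 2898 section 5.2) in user code on top of crypto's HMAC.
%% Assumes OTP 22.1+ for crypto:mac/4; on older releases use
%% crypto:hmac(Digest, Key, Data) in its place.
-module(pbkdf2_user).
-export([pbkdf2/5, selftest/0]).

%% pbkdf2(Digest, Password, Salt, Iterations, DkLen) -> binary() of DkLen bytes
%% Digest is a crypto hash atom such as sha or sha256.
pbkdf2(Digest, Password, Salt, Iterations, DkLen)
  when is_binary(Password), is_binary(Salt),
       is_integer(Iterations), Iterations >= 1,
       is_integer(DkLen), DkLen >= 1 ->
    HLen   = byte_size(crypto:hash(Digest, <<>>)),  % PRF output length
    Blocks = (DkLen + HLen - 1) div HLen,           % ceil(DkLen / HLen)
    DK = << <<(block(Digest, Password, Salt, Iterations, I))/binary>>
            || I <- lists:seq(1, Blocks) >>,
    binary:part(DK, 0, DkLen).

%% T_i = U_1 xor U_2 xor ... xor U_c, where
%%   U_1 = HMAC(P, S || INT_32BE(i))  and  U_j = HMAC(P, U_{j-1})
block(Digest, Password, Salt, Iterations, I) ->
    U1 = crypto:mac(hmac, Digest, Password, <<Salt/binary, I:32/big>>),
    xor_rounds(Digest, Password, Iterations - 1, U1, U1).

xor_rounds(_Digest, _Password, 0, _Uprev, Acc) ->
    Acc;
xor_rounds(Digest, Password, N, Uprev, Acc) ->
    U = crypto:mac(hmac, Digest, Password, Uprev),
    xor_rounds(Digest, Password, N - 1, U, crypto:exor(Acc, U)).

%% RFC 6070 test vectors for PBKDF2-HMAC-SHA1.
selftest() ->
    P = <<"password">>, S = <<"salt">>,
    <<16#0c60c80f961f0e71f3a9b524af6012062fe037a6:160>> = pbkdf2(sha, P, S, 1, 20),
    <<16#ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957:160>> = pbkdf2(sha, P, S, 2, 20),
    <<16#4b007901b765489abead49d926f721d065a429c1:160>> = pbkdf2(sha, P, S, 4096, 20),
    %% dkLen larger than one HMAC output, so two blocks get concatenated
    <<16#3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038:200>> =
        pbkdf2(sha, <<"passwordPASSWORDpassword">>,
               <<"saltSALTsaltSALTsaltSALTsaltSALTsalt">>, 4096, 25),
    ok.
```

This is exactly the "all implementations must agree" problem in miniature: the Perl and PHP sides have to use the same digest, iteration count and output length, and the salt has to travel with the ciphertext (the way Crypt::CBC's salt header carries an 8-byte salt for its own, non-PBKDF2 derivation), otherwise nobody can reproduce the key. OTP 24.2 and later also ship crypto:pbkdf2_hmac/5 with the same argument order, so the user-code version can be dropped once you are there.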

