[erlang-questions] blowfish cbc mode decrypt

Wed Nov 11 09:28:54 CET 2015

the purpose of this function was to handle
encrypted data generated by Crypt::CBC perl module from cpan:
http://search.cpan.org/~lds/Crypt-CBC-2.33/CBC.pm

funny thing is there is php module (that emulates Crypt::CBC):
http://pear.php.net/package/Crypt_CBC

may be a more general approach would be to make use of PBKDF2
and *ALL* implementation must agree on a single pbkdf algorithm.

I have also observed that padding is not handled also for blowfish_cbc
block cipher, at least.

Basically there are few things  missing for non-ECB mode of operations
(CBC, CFB, CRT, )for block ciphers,
among them being padding and an universal password-based key derivation
function algorithm.

Bogdan

On Wed, Nov 11, 2015 at 1:22 AM, Technion <technion@REDACTED> wrote:

> Hi,
>
>
> I'm not sure if you have other mitigating code, but I'd be concerned about
> calling two calls to MD5 on a passphrase a "derived key" - this would be
> very weak crypto.
>
>
> ------------------------------
> *From:* erlang-questions-bounces@REDACTED <
> erlang-questions-bounces@REDACTED> on behalf of Bogdan Andu <
> bog495@REDACTED>
> *Sent:* Wednesday, 11 November 2015 12:51 AM
> *To:* Dmitry Kolesnikov
> *Cc:* Erlang
> *Subject:* Re: [erlang-questions] blowfish cbc mode decrypt
>
> I was thinking that is handled internally...
>
> however, this did the trick (for randomiv mode of operation):
>
> blowfish_key_from_key(Key) ->
>     Temp = crypto:md5(Key),
>     blowfish_key_from_key1(Temp).
>
> blowfish_key_from_key1(Temp) when size(Temp) < 56 ->
>     Temp1 = crypto:md5(Temp),
>     blowfish_key_from_key1(<<Temp/binary, Temp1/binary>>);
>
> blowfish_key_from_key1(Temp) ->
>     <<Temp1:56/binary, _Rest/bitstring>> = Temp,
>     Temp1.
>
> I think that crypto should have this kind oh helper functions
> because , like in cases of blowfish cipher , whose key length can
> be variable, could be useful in using the cipher correctly, and people
> would know that some things are not implied.
>
> Thanks,
> Bogdan
>
>
> On Tue, Nov 10, 2015 at 1:15 PM, Dmitry Kolesnikov <dmkolesnikov@REDACTED
> > wrote:
>
>> Hello,
>>
>> Yes, this want I thought. You are using wrong key to decrypt data on
>> Erlang side.
>>
>> Please notice that
>>
>> “Crypt::CBC can derive the key and the IV from a passphrase that you
>> provide, or can let you specify the true key and IV manually…
>>
>> The -key argument provides either a passphrase to use to generate the
>> encryption key, or the literal value of the block cipher key. If used in
>> passphrase mode (which is the default), -key can be any number of
>> characters; the actual key will be derived by passing the passphrase
>> through a series of MD5 hash operations.”
>>
>> So, in your example Key is not an encryption key, this is a pass-phrase.
>> The Erlang’s implementation expects that you provides actual key.
>>
>> I do not know how perl’s Crypt::CBC derives the key from perspires. You
>> can either reverse engineer that piece of code or you can use literal key.
>>
>>
>> Best Regards,
>> Dmitry
>>
>>
>> > On Nov 10, 2015, at 11:58 AM, Bogdan Andu <bog495@REDACTED> wrote:
>> >
>> > use strict;
>> > use warnings;
>> > use MIME::Base64;
>> >
>> > use Crypt::CBC;
>> > #use Digest::HMAC_SHA1 qw(hmac_sha1 hmac_sha1_hex);
>> > use PHP::Serialization qw(serialize unserialize);
>> >
>> > my $pt = 'a:10:{s:6:"adresa";s:89:"Address 2 TEST
>> \xc3\x84\xc2\x83\xc3\x83\xc2\xae\xc3\x88\xc2\x99\xc3\x88\xc2\x9b\xc3\x88\xc2\x99\xc3\x88\xc2\x9bbl
>> 7bap 71district
>> XXXBucure\xc3\x88\xc2\x99tiJUDE\xc3\x88\xc2\x9a031905RO";s:4:"info";i:1460382;s:7:"urlback";s:41:"
>> https://192.162.16.116:8020/snep_response";s:4:"cuip";s:18:"Cererea nr
>> 1460382";s:6:"idtaxa";i:5001;s:5:"email";s:16:"xxx123@REDACTED";s:4:"nume";s:55:"\xc3\x88\xc2\x99
>> \xc3\x88\xc2\x9b \xc3\x84\xc2\x83 \xc3\x83\xc2\xae \xc3\x83\xc2\xa2
>> \xc3\x83\xc2\x82 \xc3\x83\xc2\x8e \xc3\x84\xc2\x82 \xc3\x88\xc2\x98
>> \xc3\x88\xc2\x9a u\xc3\x83\xc2\xa7";s:3:"cui";s:18:"Cererea nr
>> 1460382";s:9:"idnomunic";i:13;s:4:"suma";d:262.69;}';
>> >
>> > print $pt, "\n";
>> >
>> > my $key = "12345678900987654321001234567890";
>> > my $cipher = Crypt::CBC->new(
>> >                    -key    => $key,
>> >                 -cipher => 'Blowfish',
>> >                 -header => 'randomiv'
>> > );
>> >
>> >         #       print "$pt\n";
>> > my $encpt = $cipher->encrypt($pt);
>> > print "\n$encpt", "\n";
>> >
>> > print "\n", encode_base64($encpt), "\n";
>> >
>> > ## TEST
>> > my $decpt = $cipher->decrypt($encpt);
>> > print "\n$decpt", "\n";
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20151111/7d624380/attachment.htm>