Re: Decryption in CFB_Mode

Sat, 15 Nov 2003 16:37:39 -0800 

On Sat, 2003-11-15 at 16:54, Rickey Braddam wrote:
> Wow! That was quick....
> 
> I'd compress, then encrypt, then base-64 encode. At the other end I'd have
> to base-64 decode, then decrypt, then uncompress.
> 
> Note that it would be a very good idea to use a MAC on the ciphertext and
> append the MAC to the ciphertext before base-64 encoding. The MAC has
> a fixed length, so it would be easy to "strip off" (after base-64 decoding)
> and
> verify before decrypting. That ensures that the ciphertext has not been
> tampered with or otherwise corrupted before attempting to decrypt. If the
> ciphertext is currupted, it won't decrypt correctly.

I can use the Gzip class to compress and the Gunzip to decompress. I can
then use CFB_Mode<AES> to encrypt, followed by HMAC to create the MAC
and appent this to the cipher text.

So the steps to encrypt are:

        plaintext -> compressedtext
        compresstext -> ciphertext
        ciphertext + MAC -> write to file

So the steps to decrypt are:

        ciphertext + MAC -> verified ciphertext
        verified ciphertext -> compresstext
        compresstext -> plaintext

I would like to do this all in one go so a StreamTransformationFilter is
what I will use. What I am not sure about is the exact code.

encrypt:

        stringstream cipherstream;
        string ciphertext;
        string plaintext = ... input text ...
        
        CFB_Mode<AES>::Encryption aes_encrypt 
                (m_encryKey, AES::DEFAULT_KEYLENGTH, m_iv);

        StreamTransformationFilter *cfbEncryptor (aes_encrypt,
                new StringSink (ciphertext)));

        StringSource source (new Gzip (plaintext), true, cfbEncyptor);

        /* HMAC code? */
        string mac = ... HMAC code ...

        cipherstream << ciphertext << mac;
        
decrypt:

        string plaintext;
        string ciphertext = ... input cipher text ...

        CFB_Mode<AES>::Decryption aes_decrypt 
                (m_encryKey, AES::DEFAULT_KEYLENGTH, m_iv);

        StreamTransformationFilter *cfbDecryptor (aes_decrypt,
          new Gunzip (new StringSink (plaintext)));

        string mac = size of HMAC from ciphertext.
        /* resize ciphertext to exclude mac */

        StringSource source ( ciphertext, true);

Does this look right? Do I need the Base64 encoding/decoding? I was
following an example when I wrote it.

Stephen

Reply via email to