Re: how does openssl know the decryption is not succeeded without comparing with the original plaintext?

Thu, 23 Dec 2004 11:26:14 -0800 

Thank you very much Richard. The PKCS came in play long time after DES
was already in stage. Can I say that by using only the information
provided by the encryption/decryption algorithm (for here the example
DES algorithm), one can not tell if the decryption is correct without
comparing with the original plaintext? Only by the help of standard,
such as the PKCS#5, because the encrypted data contains the standard
PKCS#5 information which provides some decision-making check points
there to see if the decryption is correct. Am I right? And can I go
further to guess that these checking points may be a helper for a
hacker to be more easily to break in ...? (since you need not to see
if the decrypted data is somesort meaningful ...). Anyway,
So then, before PKCS, is there any way to tell the decryption is correct?

David 


On Thu, 23 Dec 2004 19:46:38 +0100 (CET), Richard Levitte - VMS
Whacker <[EMAIL PROTECTED]> wrote:
> In message <[EMAIL PROTECTED]> on Thu, 23 Dec 2004 13:18:13 -0500, david 
> zhang <[EMAIL PROTECTED]> said:
> 
> davidzhanginottawa> I am wondering why the decryption routine knows if
> davidzhanginottawa> a decryption is correct or not without comparing
> davidzhanginottawa> with the original plaintext file? Is there
> davidzhanginottawa> something inside the encrypted file "hello.enc"
> davidzhanginottawa> contains some data which do the magic?
> 
> It knows because if decryption has failed, the padding pattern at the
> end will be faulty.  Read PKCS#5 to see what padding is used for this
> kind of operation.
> 
> Cheers,
> Richard
> 
> -----
> Please consider sponsoring my work on free software.
> See http://www.free.lp.se/sponsoring.html for details.
> 
> --
> Richard Levitte                         [EMAIL PROTECTED]
>                                         http://richard.levitte.org/
> 
> "When I became a man I put away childish things, including
>  the fear of childishness and the desire to be very grown up."
>                                                 -- C.S. Lewis
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to