In message <[EMAIL PROTECTED]> on Thu, 23 Dec 2004 14:24:28 -0500, david zhang <[EMAIL PROTECTED]> said:

davidzhanginottawa> Can I say that by using only the information
davidzhanginottawa> provided by the encryption/decryption algorithm
davidzhanginottawa> (for here the example DES algorithm), one can not
davidzhanginottawa> tell if the decryption is correct without
davidzhanginottawa> comparing with the original plaintext?

Yes, that is correct.

davidzhanginottawa> Only by the help of standard, such as the PKCS#5,
davidzhanginottawa> because the encrypted data contains the standard
davidzhanginottawa> PKCS#5 information which provides some decision-
davidzhanginottawa> making check points there to see if the decryption
davidzhanginottawa> is correct. Am I right?

Yes.

davidzhanginottawa> And can I go further to guess that these checking
davidzhanginottawa> points may be a helper for a hacker to be more
davidzhanginottawa> easily to break in ...?

In the case you showed (where you used des-ede), yes, it's possible,
especially if you have a message that's an exact multiple of DES
blocks (64 bits, i.e. 8 bytes), because the last block will invariably
be \x08\x08\x08\x08\x08\x08\x08\x08, which is therefore a known
plaintext. That's one reason to use a cipher mode (for example
des-ede-cbc) which will make the last block depend on all previous
blocks in some way, thereby garbling the last block so a plaintext
attack on it becomes impossible (or at least way too hard).

davidzhanginottawa> (since you need not to see if the decrypted data
davidzhanginottawa> is some sort meaningful ...). Anyway, So then,
davidzhanginottawa> before PKCS, is there any way to tell the
davidzhanginottawa> decryption is correct?

Unless you use your own tricks, no. There are ways to do it, for
example by inserting the same random byte at two known positions in
the message, and check that they are the same on decryption (SSH v1
keys have that kind of mechanism to check if the decryption of a
chosen RSA key is successful).

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/

"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
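
The two points in the reply above, as an added example that is not part of the original message or of OpenSSL: with PKCS#5 padding and no chaining, the final ciphertext block of every 8-byte-aligned message is the same under one key, while CBC makes it depend on the earlier blocks; and the padding check accepts a wrong key roughly 1 time in 256. Assumptions: the Python standard library has no DES, so a 4-round Feistel cipher built on SHA-256 stands in for des-ede, and all function names, keys and messages are constructed for illustration.

```python
import hashlib

BLOCK = 8  # DES block size in bytes

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def _f(key, rnd, half):  # round function of the stand-in cipher (NOT DES)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def enc_block(key, blk):  # 4-round Feistel over one 8-byte block
    l, r = blk[:4], blk[4:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def dec_block(key, blk):  # same rounds, undone in reverse order
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def pad(msg):  # PKCS#5: 1..8 bytes, a full \x08 block on exact multiples of 8
    n = BLOCK - len(msg) % BLOCK
    return msg + bytes([n]) * n

def unpad(data):  # the "check point": None unless data ends in valid padding
    n = data[-1] if data else 0
    ok = 1 <= n <= BLOCK and data[-n:] == bytes([n]) * n
    return data[:-n] if ok else None

def encrypt(key, msg, iv=None):  # iv=None: ECB (as des-ede); iv given: CBC
    data, out, prev = pad(msg), b"", iv
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        prev = enc_block(key, _xor(blk, prev) if iv else blk)
        out += prev
    return out

def decrypt(key, ct, iv=None):  # returns None when the padding check fails
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    plain = [dec_block(key, b) for b in blocks]
    if iv:
        plain = [_xor(p, c) for p, c in zip(plain, [iv] + blocks)]
    return unpad(b"".join(plain))

def wrong_key_pass_rate(ct, trials=2000):  # share of wrong keys that pass unpad()
    keys = (hashlib.sha256(i.to_bytes(4, "big")).digest()[:16] for i in range(trials))
    return sum(decrypt(k, ct) is not None for k in keys) / trials
```
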