encryption/decryption problems (MCRYPT_MODE_CBC vs. MCRYPT_MODE_ECB) (250pts)

hi, i'm working on a script, that requires encrypting and decrypting data, but i'm still a little new to encryption.

the script works ok, when i encrypt/decrypt in "MCRYPT_MODE_ECB" mode, but not in "MCRYPT_MODE_CBC" mode.

I'd like to use CBC mode, because it's supposed to be considerably safer.

when i switch to MCRYPT_MODE_CBC mode it decrypts all of it correctly, EXCEPT the first small section. I was thinking that maybe the first 'block' wasn't being deypted properly?

anyway, here's my code:

working code:
-----START CODE-----  
// file name: ez_RIJNDAEL_256.inc. this is a lone .inc file
function encr_RIJNDAEL_256($key_in, $plaintext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $text = $plaintext;
       $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
       return $crypttext;
       }

function decr_RIJNDAEL_256($key_in, $cryptedtext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $cryptedtext, MCRYPT_MODE_ECB, $iv);
       return $plaintext;
       }
 -----END CODE-----


The functions are called using:


-----START CODE-----  
// file name: test_ez_RIJNDAEL_256.php
include('myapp.config.php'); // the only setting in this file for now is:
                             // the variable $enc_passwd which contains
                             // the default encryption password.
include('ez_RIJNDAEL_256.inc'); // contains the encryption / decryption
                                // functions listed in the code block above.

// read the unencrypted contents...
$fp = fopen("testfile.htm", "r");
$contents = fread($fp, filesize("testfile.htm"));
fclose($fp);

$encrypted_string=encr_RIJNDAEL_256(md5($enc_passwd), $contents);

print "<br>encrypted string=<hr>".$encrypted_string."<hr><br>";
// note this prints the encrypted string correctly

$decrypted_string=decr_RIJNDAEL_256(md5($enc_passwd), $encrypted_string);
print "<br>decrypted string=<hr>".$decrypted_string."<hr><br>";
-----END CODE-----  
 

this prints the original unencrypted string, just as it should...
but if i modify the ez_RIJNDAEL_256.inc functions to use MCRYPT_MODE_CBC instead of MCRYPT_MODE_ECB, (like in the code below), it messes up...

see the altered code below (not working correctly):
(note all i did was replace all "MCRYPT_MODE_ECB" with "MCRYPT_MODE_CBC")
-----START CODE-----
// file name: ez_RIJNDAEL_256.inc. this is a lone .inc file
function encr_RIJNDAEL_256($key_in, $plaintext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $text = $plaintext;
       $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv);
       return $crypttext;
       }

function decr_RIJNDAEL_256($key_in, $cryptedtext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $cryptedtext, MCRYPT_MODE_CBC, $iv);
       return $plaintext;
       }
-----END CODE-----  

the above code returns the [incorrectly] "decrypted" string like this...

-----START OUTPUT-----  
ÙªA8>â¯v04bÖa é-RÛ†÷nA+“UËœN5from here on the string is properly decrypted... why the heck is the start of this string decrypted incorrectly when usinng MCRYPT_MODE_CBC instead of MCRYPT_MODE_ECB ??
-----END OUTPUT-----

why is the start of this string decrypted incorrectly when usinng MCRYPT_MODE_CBC instead of MCRYPT_MODE_ECB ??

I'm stumped, if anyone can help it would be a great help. my code propbably just needs a little tweak i'm not seeing. like i said, i'm new to encryption. could i have a problem with the "$iv"??

i did find scripts using the function mcrypt_cbc(), but it says in the php documentation "This function should not be used anymore". i assume this means it's not as secure as other means, or it has been depreciated, or whatever. there must be a reason it "shouldn't be used anymore"...

thanks in advance, i'm a bit stuck. :-)
T Briere
tjbriereAsked:
Who is Participating?
 
jkna_gunnConnect With a Mentor Commented:
i dont use CBC but i can show the code i use to create the $iv

$iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB));

i also encode the crypttext

$crypttext =  trim(chop(base64_encode($crypttext)));

then when decrypting decode the string

$crypttext = trim(chop(base64_decode($string)));
 the $iv would be the same.

see how that goes
0
 
tjbriereAuthor Commented:

thanks jkna_gunn for respnding, but it doesn't answer the question.
0
 
tjbriereAuthor Commented:
I've been struggling with this for some time, and I need to get the project finished really soon.

I find EE very awkward to use, all these rules and all.  Now that someone has commented on my question, I don't know what to do. Do i have to give points when the question was never really answered? can i get the points back, to use later?  I'm surprised to get practically no response.
I have spent considerable time here, and now I have points tied up that I might want to use somewhere else.

I am almost finished rewriting my own pure-php implementation of an encryption algorithm to use, as I don't have huge amounts of data that need to be encrypted, so a pure php script should be adequately fast.

how do i delete or close this question? I don't want to waste other people's time, yet I cannot afford to have to come here every day to check for messages...
0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
tjbriereAuthor Commented:
I read in the faqs that I am to ask someone to delete or close the qestion, is this where I ask?

thanks in advance, I'm a bit of a newbie to EE.
0
 
tjbriereAuthor Commented:
Actually jkna_gunn, you sort of answered the question...

i just found out myself why it's not working, it took a bit of research into how ECB and CBC encryption modes work... then when I look at your answer closely, I see you did indirectly anwer it.

explanation of what I did wrong:

see definitions for ECB:
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci344944,00.html
and CBC:
http://searchsecurity.techtarget.com/gDefinition/0,294236,sid14_gci344945,00.html

ECB mode ecrypts each block separately, CBC mode XOR's the previous block with the curent block before (or was it after?) encryption, then it goes to the next block.  This makes it much more difficult for cryption cracking techniques, for reasons too lengthy to explain.

the first block obviously has no "previous" block. that's where the IV comes in, it serves as the initial block to XOR the first block with.

so, when i decrypted, it all decrypted properly except the first "block".
So If I remember right, I XOR'ed the known text value of the first block with the ecrypted results, and the results are the original IV created, just as I suspected...

Conclusion: I used a different IV for the encryption and decryption process. Yes, it's a stupid mistake, and I should have picked up on the obvious sooner, but I guess that's how we learn.

And learn i did! -- In the meantime, I wrote the entire rijndael (ECB mode only) 128bit encryption algorithm in pure PHP.  I'm going to need it in a larger project I'm working on anyway.  I must ass that I'm very impressed at the speed at which a pure PHP script can crunch numbers!  I think I found a new favorite language. It was a close tie before, but PHP's speed tips it in PHP's favor. :-)

Anyway, If I look closely at the answer you wrote, jkna_gunn, the answer is in there, so I'm giving you the points. :-)

-Trevor Briere, Trail, B.C.




0
 
jkna_gunnCommented:
thanks very much :)
i confess i dont know that much about crytography just enough to get me by.
thanks for the points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.