Solved

encryption/decryption problems (MCRYPT_MODE_CBC vs. MCRYPT_MODE_ECB) (250pts)

Posted on 2004-04-01
6
3,979 Views
Last Modified: 2007-12-19
hi, i'm working on a script, that requires encrypting and decrypting data, but i'm still a little new to encryption.

the script works ok, when i encrypt/decrypt in "MCRYPT_MODE_ECB" mode, but not in "MCRYPT_MODE_CBC" mode.

I'd like to use CBC mode, because it's supposed to be considerably safer.

when i switch to MCRYPT_MODE_CBC mode it decrypts all of it correctly, EXCEPT the first small section. I was thinking that maybe the first 'block' wasn't being deypted properly?

anyway, here's my code:

working code:
-----START CODE-----  
// file name: ez_RIJNDAEL_256.inc. this is a lone .inc file
function encr_RIJNDAEL_256($key_in, $plaintext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $text = $plaintext;
       $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
       return $crypttext;
       }

function decr_RIJNDAEL_256($key_in, $cryptedtext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $cryptedtext, MCRYPT_MODE_ECB, $iv);
       return $plaintext;
       }
 -----END CODE-----


The functions are called using:


-----START CODE-----  
// file name: test_ez_RIJNDAEL_256.php
include('myapp.config.php'); // the only setting in this file for now is:
                             // the variable $enc_passwd which contains
                             // the default encryption password.
include('ez_RIJNDAEL_256.inc'); // contains the encryption / decryption
                                // functions listed in the code block above.

// read the unencrypted contents...
$fp = fopen("testfile.htm", "r");
$contents = fread($fp, filesize("testfile.htm"));
fclose($fp);

$encrypted_string=encr_RIJNDAEL_256(md5($enc_passwd), $contents);

print "<br>encrypted string=<hr>".$encrypted_string."<hr><br>";
// note this prints the encrypted string correctly

$decrypted_string=decr_RIJNDAEL_256(md5($enc_passwd), $encrypted_string);
print "<br>decrypted string=<hr>".$decrypted_string."<hr><br>";
-----END CODE-----  
 

this prints the original unencrypted string, just as it should...
but if i modify the ez_RIJNDAEL_256.inc functions to use MCRYPT_MODE_CBC instead of MCRYPT_MODE_ECB, (like in the code below), it messes up...

see the altered code below (not working correctly):
(note all i did was replace all "MCRYPT_MODE_ECB" with "MCRYPT_MODE_CBC")
-----START CODE-----
// file name: ez_RIJNDAEL_256.inc. this is a lone .inc file
function encr_RIJNDAEL_256($key_in, $plaintext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $text = $plaintext;
       $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $iv);
       return $crypttext;
       }

function decr_RIJNDAEL_256($key_in, $cryptedtext){
       $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
       $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
       $key = $key_in;
       $plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $cryptedtext, MCRYPT_MODE_CBC, $iv);
       return $plaintext;
       }
-----END CODE-----  

the above code returns the [incorrectly] "decrypted" string like this...

-----START OUTPUT-----  
ÙªA8>â¯v04bÖa é-RÛ†÷nA+“UËœN5from here on the string is properly decrypted... why the heck is the start of this string decrypted incorrectly when usinng MCRYPT_MODE_CBC instead of MCRYPT_MODE_ECB ??
-----END OUTPUT-----

why is the start of this string decrypted incorrectly when usinng MCRYPT_MODE_CBC instead of MCRYPT_MODE_ECB ??

I'm stumped, if anyone can help it would be a great help. my code propbably just needs a little tweak i'm not seeing. like i said, i'm new to encryption. could i have a problem with the "$iv"??

i did find scripts using the function mcrypt_cbc(), but it says in the php documentation "This function should not be used anymore". i assume this means it's not as secure as other means, or it has been depreciated, or whatever. there must be a reason it "shouldn't be used anymore"...

thanks in advance, i'm a bit stuck. :-)
T Briere
0
Comment
Question by:tjbriere
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 6

Accepted Solution

by:
jkna_gunn earned 250 total points
ID: 10739057
i dont use CBC but i can show the code i use to create the $iv

$iv = substr(md5($key), 0,mcrypt_get_iv_size (MCRYPT_CAST_256,MCRYPT_MODE_CFB));

i also encode the crypttext

$crypttext =  trim(chop(base64_encode($crypttext)));

then when decrypting decode the string

$crypttext = trim(chop(base64_decode($string)));
 the $iv would be the same.

see how that goes
0
 

Author Comment

by:tjbriere
ID: 10807863

thanks jkna_gunn for respnding, but it doesn't answer the question.
0
 

Author Comment

by:tjbriere
ID: 10807865
I've been struggling with this for some time, and I need to get the project finished really soon.

I find EE very awkward to use, all these rules and all.  Now that someone has commented on my question, I don't know what to do. Do i have to give points when the question was never really answered? can i get the points back, to use later?  I'm surprised to get practically no response.
I have spent considerable time here, and now I have points tied up that I might want to use somewhere else.

I am almost finished rewriting my own pure-php implementation of an encryption algorithm to use, as I don't have huge amounts of data that need to be encrypted, so a pure php script should be adequately fast.

how do i delete or close this question? I don't want to waste other people's time, yet I cannot afford to have to come here every day to check for messages...
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:tjbriere
ID: 10807876
I read in the faqs that I am to ask someone to delete or close the qestion, is this where I ask?

thanks in advance, I'm a bit of a newbie to EE.
0
 

Author Comment

by:tjbriere
ID: 10871254
Actually jkna_gunn, you sort of answered the question...

i just found out myself why it's not working, it took a bit of research into how ECB and CBC encryption modes work... then when I look at your answer closely, I see you did indirectly anwer it.

explanation of what I did wrong:

see definitions for ECB:
http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci344944,00.html
and CBC:
http://searchsecurity.techtarget.com/gDefinition/0,294236,sid14_gci344945,00.html

ECB mode ecrypts each block separately, CBC mode XOR's the previous block with the curent block before (or was it after?) encryption, then it goes to the next block.  This makes it much more difficult for cryption cracking techniques, for reasons too lengthy to explain.

the first block obviously has no "previous" block. that's where the IV comes in, it serves as the initial block to XOR the first block with.

so, when i decrypted, it all decrypted properly except the first "block".
So If I remember right, I XOR'ed the known text value of the first block with the ecrypted results, and the results are the original IV created, just as I suspected...

Conclusion: I used a different IV for the encryption and decryption process. Yes, it's a stupid mistake, and I should have picked up on the obvious sooner, but I guess that's how we learn.

And learn i did! -- In the meantime, I wrote the entire rijndael (ECB mode only) 128bit encryption algorithm in pure PHP.  I'm going to need it in a larger project I'm working on anyway.  I must ass that I'm very impressed at the speed at which a pure PHP script can crunch numbers!  I think I found a new favorite language. It was a close tie before, but PHP's speed tips it in PHP's favor. :-)

Anyway, If I look closely at the answer you wrote, jkna_gunn, the answer is in there, so I'm giving you the points. :-)

-Trevor Briere, Trail, B.C.




0
 
LVL 6

Expert Comment

by:jkna_gunn
ID: 10871364
thanks very much :)
i confess i dont know that much about crytography just enough to get me by.
thanks for the points.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
if statement malfunction 5 44
Google Recaptcha 13 57
Link Stopped Working 7 33
Developers / Staff Setup 10 48
This article discusses four methods for overlaying images in a container on a web page
This article discusses how to create an extensible mechanism for linked drop downs.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question