RE: Rijndael decryption succeeds SOMETIMES

From: David Whitchurch-Bennett (DavidWhitchurchBennett_at_discussions.microsoft.com)
Date: 05/24/05

  • Next message: Steve B.: "Re: Appl. Security Problems" 
    Date: Tue, 24 May 2005 13:14:11 -0700

    I'm not sure if you are having these problems, but I have solved a similar
    problem that has been troubling me all afternoon....

    1. Check the IV is the same in the decrypt as encrypt (I am sure you already
    know this).

    2. If you are converting bytes to text using an ASCIIEncoder, or any other
    8-bit encoder, it will only convert using 8-bits, i.e. a byte value of 129
    will become 1!!

    I had this problem because the MSDN sample uses an ASCII encoder! How
    annoying!!!!! I hope this helps.

    "Derek Knudsen" wrote:

    > I'm working on a solution that takes a random passphrase of a user and hashes
    > it to produce an crypto key, which is then used to encrypt and decrypt. What
    > we are finding is that it works on most machines all the time (throws "PKCS7
    > padding is invalid ..." when invalid passphrase passed - probably not a
    > perfect check) but not on all of the machines and not all the time.
    > Sometimes you can give it a passphrase and the decryption of the encrypted
    > information will work. Also, in this case, the decrypted info will be
    > different than what it should be. What am I doing wrong? Why is it
    > sometimes working on invalid passphrases? Here's the code:
    >
    > public static byte[] Decrypt(byte[] cipherText_, byte[] salt_, byte[] iv_,
    > string passPhrase_)
    > {
    > byte[] plainText = new byte[cipherText_.Length];
    > byte[] temp;
    >
    > using(MemoryStream cipherStream = new MemoryStream(cipherText_))
    > {
    > //hash password
    > PasswordDeriveBytes key = new PasswordDeriveBytes(passPhrase_, salt_,
    > PasswordDeriveHashName, PasswordDeriveIterations);
    >
    > //Encrypt
    > SymmetricAlgorithm sa = RijndaelManaged.Create();
    > ICryptoTransform decryptor = sa.CreateDecryptor(key.GetBytes(32), iv_);
    > CryptoStream cryptoStream = new CryptoStream(cipherStream, decryptor,
    > CryptoStreamMode.Read);
    > int read = cryptoStream.Read(plainText, 0, plainText.Length);
    > temp = new byte[read];
    > Array.Copy(plainText, 0, temp, 0, read);
    > }
    > return temp;
    > }
    >
    >
    >

  • Next message: Steve B.: "Re: Appl. Security Problems"

    Relevant Pages

    • Re: Newbie gpg question
      ... I'm still a little in the dark about the whole key management ... Encrypt the result of the daily backup of an SVN repository from my ... to encrypt, then, if the need arises, `gpg -d' to decrypt. ... This way you need only remember your passphrase -- the same passphrase ...
      (comp.os.linux.security)
    • Re: RSACryptoServiceProvider Question
      ... The server would then decrypt the password ... distribute the public key, and then use asymmetric encryption for the ... such slower to encrypt and decrypt than symmetric. ... 3/ Generate a unique passphrase and temporarily store it ...
      (microsoft.public.dotnet.languages.vb)
    • Rijndael decryption succeeds SOMETIMES
      ... I'm working on a solution that takes a random passphrase of a user and hashes ... it to produce an crypto key, which is then used to encrypt and decrypt. ...
      (microsoft.public.dotnet.security)
    • RE: NTE_BAD_DATA
      ... They are NOT used DIRECTLY to encrypt / decrypt data; ... you should generate a RANDOM SESSION KEY and select a SYMMETRIC ENCRYPTION ... // imported from a BLOB read in from the source file or having ...
      (microsoft.public.platformsdk.security)
    • [NEWS] RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities
      ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... and encrypt their files and data. ... its passphrase and general encryption techniques. ... Attack: "Symmetric key injection". ...
      (Securiteam)