Re: Rijndael: IV Required for Decryption?
From: MikeP (mprocopio_at_gmail.com)
Date: 08/11/05
- Next message: Joseph Ashwood: "Re: test RSA modulus -- corrected"
- Previous message: Regis: "Re: RSA question"
- In reply to: Regis: "Re: Rijndael: IV Required for Decryption?"
- Next in thread: Damien: "Re: Rijndael: IV Required for Decryption?"
- Reply: Damien: "Re: Rijndael: IV Required for Decryption?"
- Reply: John Savard: "Re: Rijndael: IV Required for Decryption?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 10 Aug 2005 20:24:12 -0700
Hi Regis, Thank you for your comments. My responses are inline--
Regis wrote:
> On 10 Aug 2005 19:25:27 -0700, "MikeP" <mprocopio@gmail.com> wrote:
> Before relying on any implementations for your actual security, it's
> absolutely vital that you test and verify the cipher to make sure that
> it's been put together correctly.
I fully concur... and that's right where I was in terms of the process!
I see that the encryption function makes use of an IV (in this case, as
a placeholder, weak random bytes), and that this is used at the
beginning of the chaining... Looks good. But then I don't see ANY
mechanism to provide the IV in the corresponding decryption method--so
here we are :).
> Get the test vectors from the cipher's designer and make sure that the
> output from the implementation you're using matches the output of the
> original test vectors. If the implementation you're using can't
> reproduce the test vectors, you have to avoid it like the plague.
I have a set of Rijndael test vectors from NIST (Link:
http://csrc.nist.gov/encryption/aes/rijndael/rijndael-vals.zip) and
verifying them is top priority.
> It's astounding how many faulty implementations are floating around in
> the general public, no doubt created by script kiddies or other such
> specimens who have no business being in the programming field, let
> alone touching cryptography.
> Using a faulty implementation is the same as storing your money in a
> vault made out of cardboard.
I entirely agree--I have waded through my share of shoddy cryptographic
code. In this particular case, Fritz Schneider, the author, has given a
reasonable treatment to Rijndael (which, incidentally, has been
discussed here about four years ago on sci.crypt). At the very least,
it gives me a starting point for my own efforts.
Thank you again for your comments... hopefully I can get up and running
with validating this code.
--Mike
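One way for the IV to travel with the ciphertext so the decryption side actually has it, together with the kind of test-vector check Mike mentions, as an added Go example (not Fritz Schneider's code or anything posted in this thread; the helper names and the demo key are assumptions, and the vector is the AES-128 example from FIPS-197 Appendix C.1):

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
)

// mustBlock builds the AES cipher core; NewCipher fails only on a bad key size.
func mustBlock(key []byte) cipher.Block {
	b, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return b
}

// cbcEncrypt (assumed helper) returns IV||ciphertext so the IV reaches the decryptor.
// No padding is applied: CryptBlocks panics if plaintext is not block-aligned.
func cbcEncrypt(key, plaintext []byte) ([]byte, error) {
	out := make([]byte, aes.BlockSize+len(plaintext))
	iv := out[:aes.BlockSize]
	if _, err := rand.Read(iv); err != nil { // CSPRNG, not placeholder random bytes
		return nil, err
	}
	cipher.NewCBCEncrypter(mustBlock(key), iv).CryptBlocks(out[aes.BlockSize:], plaintext)
	return out, nil
}

// cbcDecrypt splits the IV off the front; without it the first plaintext block is lost.
func cbcDecrypt(key, msg []byte) ([]byte, error) {
	if len(msg) < 2*aes.BlockSize || len(msg)%aes.BlockSize != 0 {
		return nil, errors.New("message too short or not block-aligned")
	}
	pt := make([]byte, len(msg)-aes.BlockSize)
	cipher.NewCBCDecrypter(mustBlock(key), msg[:aes.BlockSize]).CryptBlocks(pt, msg[aes.BlockSize:])
	return pt, nil
}

// checkFIPS197Vector encrypts the AES-128 example from FIPS-197 Appendix C.1
// and reports whether the core reproduces the published ciphertext.
func checkFIPS197Vector() bool {
	key, _ := hex.DecodeString("000102030405060708090a0b0c0d0e0f")
	pt, _ := hex.DecodeString("00112233445566778899aabbccddeeff")
	got := make([]byte, aes.BlockSize)
	mustBlock(key).Encrypt(got, pt)
	return hex.EncodeToString(got) == "69c4e0d86a7b0430d8cdb78070b4c55a"
}
```

Feeding only the ciphertext (no IV) to cbcDecrypt silently treats the first ciphertext block as the IV, so the first plaintext block vanishes and the rest decrypts correctly; that is exactly the symptom a missing-IV decryption API produces.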