
Simple and Terrifying Encryption Story - donnemartin
https://blog.elpassion.com/simple-and-terrifying-encryption-story-c1f1d6707c07#.jgryq1n42
======
vms20591
From the post,

If you pass a wrong key, aes gem raises an error:

decrypted = AES.decrypt(encrypted, "Some other password") #=> aes.rb:76:in
`final': bad decrypt (OpenSSL::Cipher::CipherError)

I have a small doubt with the above statement, how come the following didn't
raise any error?

encrypted = AES.encrypt("Super secret message", "password") decrypted =
AES.decrypt(encrypted, "totally wrong password") decrypted #=> Super secret
message

In the above, the enc key used was "password" and the dec key used was
"totally wrong password". The call to the hex function should have returned
"0" for the character pairs in the dec key which should've been the same
result for enc key. Why didn't the library raise any error but instead
decrypted correctly?

PS: I haven't tried it yet and would try to check it out. Just wanted to know
if there is already a reason for it.

------
e1ghtSpace
How does this go unnoticed to the developer?

