
It's probably worth pointing out: you have the same problems if you're using CFB, OFB, or CTR mode (these are the "stream cipher" modes for DES/AES/whatever that encrypt one byte at a time). There's apocrypha about these modes not being vulnerable to the attack. Bad apocrypha:

Set up an encryptor:

  irb> e = OpenSSL::Cipher::Cipher.new('aes-256-ofb')
  => #<OpenSSL::Cipher::Cipher:0x647100>
  irb> e.key = "\x11" * 32
  irb> e.iv = "\x00" * 16
A decryptor:

  irb> d = OpenSSL::Cipher::Cipher.new('aes-256-ofb')
  => #<OpenSSL::Cipher::Cipher:0x647120>
  irb> d.decrypt
  irb> d.key = "\x11" * 32
  irb> d.iv = "\x00" * 16

Encrypt something:

  irb> ciphertext = (e << ("A" * 40))
  => "a\255N\211XEn\001\347$\275)\311%Ht\2356\254m\b\234z\375\311\006\335\305F\231~\201\243\236\3628w\267\3454"
Make an XOR mask:

  irb> mask = ("187 she wrote".to_bignum ^ ("A" * 13).to_bignum).to_rawstring
  => "pyva2)$a63.5$"
XOR it into the ciphertext:

  irb> new_ciphertext = (ciphertext.to_bignum ^ mask.to_bignum).to_rawstring
NOW decrypt it:

  irb> d << new_ciphertext
  => "AAAAAAAAAAAAAAAAAAAAAAAAAAA187 she wrote"
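The same bit-flip written against the current OpenSSL::Cipher API, together with the integrity check that catches it. This is an added example, not code from the comment above or from any project; the key, IV and MAC key are constructed demo values (the key and IV match the comment's), and it goes slightly beyond the comment by running the flip under CTR as well as OFB.

```ruby
require 'openssl'

KEY     = "\x11" * 32   # constructed demo key (same as the comment's example)
IV      = "\x00" * 16   # constructed zero IV (same as the comment's example)
MAC_KEY = "\x22" * 32   # constructed demo MAC key, independent of KEY

def encrypt(mode, plaintext)
  c = OpenSSL::Cipher.new("aes-256-#{mode}")
  c.encrypt
  c.key = KEY
  c.iv = IV
  c.update(plaintext) + c.final   # OFB/CTR add no padding, so final is empty
end

def decrypt(mode, ciphertext)
  c = OpenSSL::Cipher.new("aes-256-#{mode}")
  c.decrypt
  c.key = KEY
  c.iv = IV
  c.update(ciphertext) + c.final
end

# XOR two equal-length byte strings.
def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack('C*')
end

# Rewrite the plaintext bytes at [offset, offset + known.bytesize) from
# `known` to `wanted` without the key: ct ^ (known ^ wanted) == keystream ^ wanted.
# This is exactly the mask trick in the comment, positioned by byte offset.
def flip(ciphertext, offset, known, wanted)
  raise ArgumentError, 'known and wanted must be the same length' unless known.bytesize == wanted.bytesize
  mask = xor_bytes(known, wanted)
  patched = ciphertext.dup.force_encoding('BINARY')
  patched[offset, mask.bytesize] = xor_bytes(patched[offset, mask.bytesize], mask)
  patched
end

# The comment's scenario: 40 'A's, trailing 13 bytes replaced by the attacker.
def demo(mode)
  ct = encrypt(mode, 'A' * 40)
  forged = flip(ct, 27, 'A' * 13, '187 she wrote')
  decrypt(mode, forged)
end

# Mitigation: authenticate the ciphertext (encrypt-then-MAC) and refuse to
# decrypt anything whose tag does not verify.
def tag(ciphertext)
  OpenSSL::HMAC.digest('SHA256', MAC_KEY, ciphertext)
end

# Constant-time comparison so the verifier does not leak how many tag bytes matched.
def constant_time_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

def verify_then_decrypt(mode, ciphertext, mac)
  return nil unless constant_time_equal?(tag(ciphertext), mac)
  decrypt(mode, ciphertext)
end

if __FILE__ == $PROGRAM_NAME
  %w[ofb ctr].each { |m| puts "#{m}: #{demo(m).inspect}" }
  ct = encrypt('ofb', 'A' * 40)
  t = tag(ct)
  puts "tampered + MAC: #{verify_then_decrypt('ofb', flip(ct, 27, 'A' * 13, '187 she wrote'), t).inspect}"
end
```

Both OFB and CTR decrypt the forged message to 27 'A's followed by "187 she wrote", because in a keystream mode every ciphertext bit maps to exactly one plaintext bit. With the HMAC in front, the same forgery is rejected before decryption runs. Under CFB the flipped bytes also corrupt the following block, since ciphertext feeds the next keystream block, which is the only mode-specific caveat for `flip`.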