Triple DES decryption returns wrong first 16 bytes when decrypted again

Question

I have a problem with decryption when I try to decrypt the same byte slice again.

Example of code for clarification:

package main

import (
	"fmt"
	"crypto/cipher"
	"crypto/des"
)

const (
	// tripleKey is TripleDES key string (3x8 bytes)
	tripleKey = "12345678asdfghjkzxcvbnmq"
)

var (
	encrypter cipher.BlockMode
	decrypter cipher.BlockMode
)

func init() {
	// tripleDESChiper is the cipher block based on tripleKey, used for encryption/decryption
	tripleDESChiper, err := des.NewTripleDESCipher([]byte(tripleKey))
	if err != nil {
		panic(err)
	}

	// iv is Initialization Vector used for encrypter/decrypter creation
	ciphertext := []byte("0123456789qwerty")
	iv := ciphertext[:des.BlockSize]

	// create encrypter and decrypter
	encrypter = cipher.NewCBCEncrypter(tripleDESChiper, iv)
	decrypter = cipher.NewCBCDecrypter(tripleDESChiper, iv)
}

func main() {
	message := "12345678qwertyuia12345678zxcvbnm,12345678poiuytr"
	data := []byte(message)
	hash := encrypt(data)
	
	decoded1 := decrypt(hash)
	decoded2 := decrypt(hash)
	decoded3 := decrypt(hash)
	decoded4 := decrypt(hash)
	
	
	fmt.Printf("encrypted data :             %x\n", data)
	fmt.Printf("1 try of decryption result : %x\n", decoded1)
	fmt.Printf("2 try of decryption result : %x\n", decoded2)
	fmt.Printf("3 try of decryption result : %x\n", decoded3)
	fmt.Printf("4 try of decryption result : %x\n", decoded4)
}

func encrypt(msg []byte) []byte {
	encrypted := make([]byte, len(msg))
	encrypter.CryptBlocks(encrypted, msg)
	
	return encrypted
}

func decrypt(hash []byte) []byte {
	decrypted := make([]byte, len(hash))
	decrypter.CryptBlocks(decrypted, hash)
	
	return decrypted
}

This code is also available and runnable on the playground.

It gives the following result:

encrypted data :             313233343536373871776572747975696131323334353637387a786376626e6d2c3132333435363738706f6975797472
1 try of decryption result : 313233343536373871776572747975696131323334353637387a786376626e6d2c3132333435363738706f6975797472
2 try of decryption result : 5e66fa74456402c271776572747975696131323334353637387a786376626e6d2c3132333435363738706f6975797472
3 try of decryption result : 5e66fa74456402c271776572747975696131323334353637387a786376626e6d2c3132333435363738706f6975797472
4 try of decryption result : 5e66fa74456402c271776572747975696131323334353637387a786376626e6d2c3132333435363738706f6975797472

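As you can see, the first decryption works well and returns a valid result, but all other tries return the wrong result. The first 16 bytes of the result are not as in the source byte slice.

Can somebody describe what I am doing wrong?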

Answer 1

Score: 6

Short version: don't reuse the decrypter object.

Longer version: You're using a cipher in CBC mode: when encrypting the data, the plaintext for block N is XOR-ed with the ciphertext for block N-1 (or the IV, on the first block). On decryption this is done in reverse.

This means that when you try and reuse your decrypter object you don't get the correct results because the state isn't correct - it is decrypting the blocks as if they were subsequent blocks in your message. A peculiarity of CBC is that an incorrect IV will only affect the first decrypted block.
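
The fix the answer describes, as an added example that is not code from the original post: `decrypt` builds a new CBC decrypter on every call, and `reuseEffect` reproduces the question's symptom with a single reused decrypter. The random per-message IV prepended to the ciphertext is an assumption added here (the question uses a fixed IV), and all function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"fmt"
)

// block uses the sample key from the question (3 x 8 bytes), not a real secret.
var block, blockErr = des.NewTripleDESCipher([]byte("12345678asdfghjkzxcvbnmq"))

// encrypt draws a random IV per message and returns IV || ciphertext (msg is not padded).
func encrypt(msg []byte) ([]byte, error) {
	out := make([]byte, des.BlockSize+len(msg))
	if _, err := rand.Read(out[:des.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(block, out[:des.BlockSize]).CryptBlocks(out[des.BlockSize:], msg)
	return out, nil
}

// decrypt builds a new CBC decrypter per call, so no chaining state carries over.
func decrypt(data []byte) ([]byte, error) {
	if len(data) < 2*des.BlockSize || len(data)%des.BlockSize != 0 {
		return nil, fmt.Errorf("want IV plus whole blocks, got %d bytes", len(data))
	}
	pt := make([]byte, len(data)-des.BlockSize)
	cipher.NewCBCDecrypter(block, data[:des.BlockSize]).CryptBlocks(pt, data[des.BlockSize:])
	return pt, nil
}

// reuseEffect decrypts ct twice with ONE decrypter and compares the two passes.
func reuseEffect(iv, ct []byte) (firstDiffers, restMatches bool) {
	dec := cipher.NewCBCDecrypter(block, iv)
	p1, p2 := make([]byte, len(ct)), make([]byte, len(ct))
	dec.CryptBlocks(p1, ct)
	dec.CryptBlocks(p2, ct) // chaining value is now the last block of ct, not iv
	n := des.BlockSize
	return !bytes.Equal(p1[:n], p2[:n]), bytes.Equal(p1[n:], p2[n:])
}

func main() {
	data, _ := encrypt([]byte("12345678qwertyuia12345678zxcvbnm,12345678poiuytr"))
	pt, _ := decrypt(data)
	fmt.Printf("%s\n", pt)
	fmt.Println(reuseEffect(data[:des.BlockSize], data[des.BlockSize:]))
}
```

The same statefulness applies to the encrypter: a `cipher.BlockMode` is meant for one message, so a long-lived global encrypter chains every later message onto the previous one.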

huangapple
  • Posted on May 19, 2015, 20:49:54
  • When reposting, please keep the link to this article: https://go.coder-hub.com/30326141.html