Symmetric encryption question
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Symmetric encryption question

  1. #1
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    Question Symmetric encryption question

    I know when using an asymmetric encryption algorithm like RSA, you need to generate a key pair (public and private) that have a mathematical correlation for message encryption, but when using a symmetric encryption algorithm like Blowfish, can the key be basically any string of printable characters as long as the same key is used for both encryption and decryption?
    /* You are not expected to understand this. */

  2. #2
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    yes, i think it can be any char who's val is <= 255...
    or at least with blowfish, thats how it is?
    am i understanding your question?
    yeah, I\'m gonna need that by friday...

  3. #3
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    I'm just playing around with the Crypt::Blowfish module in Perl, and it's asking for a key. The specs on the algorithm suggest I can use any key between 8bytes and 56bytes. When I use a random string smaller than 8 bytes I get an error saying "input must be 8 bytes long". When I put in a string greater than 8 bytes, I get an "invalid key length" error. Weird...

    The pod documentation example that came with the module uses pack to create a binary hex block out of a string of 16 characters...which would be 8 bits in hex, so this is obviously just an example. However, I tried packing a string of 112 random characters into a 56 high nybble hex block, and I get the "input must be 8 bytes long" error again. Any suggestions?
    /* You are not expected to understand this. */

  4. #4
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    hmmm, not right now... but let me check (i love the Crypt lib )...
    not to be nosey, but could you PM your example.pl so i can take a look?
    yeah, I\'m gonna need that by friday...

  5. #5
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    The code I'm using is really straight-forward:

    #!/usr/bin/perl -w
    use strict;
    use Crypt::Blowfish;
    my $key = pack("H56", "12004001208404a43f00502200b204602600c00001da894922433e46018004602404240109301008140000000142404002010000000000001J");
    my $plaintext = "WARNING: THIS MESSAGE IS SUBJECT TO MONITORING BY THE UNITED
    STATES DEPARTMENT OF HOMELAND DEFENSE.";
    my $cipher = new Crypt::Blowfish $key;
    my $ciphertext = $cipher->encrypt($plaintext);
    print unpack("H56", $ciphertext),"\n";
    my $decrypted = $cipher->decrypt($ciphertext);
    print $decrypted, "\n";
    /* You are not expected to understand this. */

  6. #6
    Hmm... the blowfish key length is variable and can be up to 448 bits.. you can count the aproximate char

  7. #7
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    It looks like the algorithm can only encrypt 8byte strings, so I threw together a subroutine to parse through any size string 8bytes at a time. Concatenate them all together and you get a (fairly) safe encrypted string. Thanks everyone. I'll post the code here when I finish polishing it up.
    /* You are not expected to understand this. */

  8. #8
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670

    Here's the code:

    Here's the code I came up with. Please keep in mind that for my purposes, this code is all I require, but this method has some big problems with it (namely the key to encrypt/decrypt hardcoded into the script!). However, it might be good for some folks to play with and modify to create something better. It should also be noted that the string produced by the Blowfish encryption algorithm usually contains non-printable characters, and I couldn't have those in my implementation, so during encryption I'm actually packing the resultant string into a space padded ASCII string, and then unpacking it into a hex string. During decryption, I pack the string back into a binary format. If anyone has any questions about this snippet, please let me know and I'll be happy to answer them:

    #!/usr/bin/perl -w
    use strict;
    use Crypt::Blowfish;
    my $i=0;
    my $Blowfish_Key = "Qas42a41i1301348f2vvng012m";
    my $Blowfish_Cipher = new Crypt::Blowfish $Blowfish_Key;

    shift=~/\-e/?encrypt():decrypt();
    exit;

    sub encrypt
    {
    my $Username = $ARGV[0];
    my $Password = $ARGV[1];
    my $Encrypted = "";

    for($i=0;$i!=-1;$i+=8)
    {
    my $linechunk=substr($Password, $i, 8);
    $Encrypted.=unpack("H16",$Blowfish_Cipher->encrypt(pack("A8",$linechunk)));
    if(length($linechunk)<7){ last; }
    }
    print $Encrypted,"\n";
    }

    sub decrypt
    {
    my $Retrieved = $ARGV[0];
    my $Decrypted = "";

    for($i=0;$i!=-1;$i+=16)
    {
    my $linechunk = substr($Retrieved, $i, 16);
    if(length($linechunk)<1){ last; }
    $Decrypted .= $Blowfish_Cipher->decrypt(pack("H16", $linechunk));
    if(length($linechunk)<15){ last; }
    }
    print $Decrypted,"\n";
    }
    /* You are not expected to understand this. */

  9. #9
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953

    Module Question

    Hey, maybe i should start a new thread for this [?] but i was wondering...

    just recently, perl has not been able to load some module(s)...
    i reinstalled Perl in hopes that it would just clear up on it's own...
    anyway- if anyone has seen this problem before...
    Perl 5.8.0
    Build 805
    yeah, I\'m gonna need that by friday...

  10. #10
    Senior Member roswell1329's Avatar
    Join Date
    Jan 2002
    Posts
    670
    You need to make sure you have the module you're calling in one of your lib directories (C:\Perl\lib, and C:\Perl\site\lib). I don't believe the Blowfish module comes standard with Perl, so you may have to grab it off of CPAN.
    /* You are not expected to understand this. */

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •