Basics of Encryption and decryption
Hi All,
This is just to make clear some of the concepts used for encrypting and decrypting a file.
I use crypto++ lib for reference.
Some of common questions:
1) What is a 'seed' in cryptography?
2) I have a plain text file with size say '20kb'. When I encrypt the file the file size is increased. Why?
3) crypto++ provides alogorithms to encrypt and decrypt the files. To either encrypt and decrypt we need to write some logic which can make use of algorithms.
Consider for example I have this code snippet
Code:
string EncryptString(const char *instr, const char *passPhrase)
{
string outstr;
DefaultEncryptorWithMAC encryptor(passPhrase, new HexEncoder(new StringSink(outstr)));
encryptor.Put((byte *)instr, strlen(instr));
encryptor.MessageEnd();
return outstr;
}
string DecryptString(const char *instr, const char *passPhrase)
{
string outstr;
HexDecoder decryptor(new DefaultDecryptorWithMAC(passPhrase, new StringSink(outstr)));
decryptor.Put((byte *)instr, strlen(instr));
decryptor.MessageEnd();
return outstr;
}
Now in the above code there is logic to encrypt and decrpt a string.
1) Suppose there is a hacker who knows the passpharse of string and even know what alogorithm was used to encrypt it ( DefaultEncryptorWithMAC in above case). Is it possible for the hacker to decrypt the string with above information(only passpharse and algorithm used) ?
2) What do I call the logic part written above in technical terms? Suppose I want to explain my peers about how I used the logic to encrypt and decrypt the files. Is this what you call 'seed'?
3) I will encrypt a file with say AES::CBC mode and use passpharse 'hello123'. Now I have a friend in Poland whom I send the file by an attachment. I even reveal my passpharse and algorithm used (AES::CBC) but not the logic I have written to encode. Is it possible for my friend to decrypt the file using crypto++ lib?
The above questions might sound stupid so please bear with me?
Thanks
Re: Basics of Encryption and decryption
Quote:
Originally Posted by
vermarajeev
1) Suppose there is a hacker who knows the passpharse of string and even know what alogorithm was used to encrypt it ( DefaultEncryptorWithMAC in above case). Is it possible for the hacker to decrypt the string with above information(only passpharse and algorithm used) ?
If he has the same program as you or know how to write it it won't be a problem... Actually he might not even need such a program if he is as good as jacek... ;)
Quote:
Originally Posted by
vermarajeev
2) What do I call the logic part written above in technical terms? Suppose I want to explain my peers about how I used the logic to encrypt and decrypt the files. Is this what you call 'seed'?
A seed is generally used to qualify an element of a random number generator but also has many other meanings... Your peers won't necessarily have knowledge of C++ programming and probably won't be willing to build the encyption/decryption program themselve (would they be able to do it and would they have proper tools...)
Quote:
Originally Posted by
vermarajeev
3) I will encrypt a file with say AES::CBC mode and use passpharse 'hello123'. Now I have a friend in Poland whom I send the file by an attachment. I even reveal my passpharse and algorithm used (AES::CBC) but not the logic I have written to encode. Is it possible for my friend to decrypt the file using crypto++ lib?
Sure but, again, he will need some knowledge of C++, crypto++ and all the tools needed (i.e. compiler toolchain, library installed, ...) so this is probably not the right way to go...
Re: Basics of Encryption and decryption
Quote:
Originally Posted by
vermarajeev
2) I have a plain text file with size say '20kb'. When I encrypt the file the file size is increased. Why?
Because you use a block cipher which can encrypt only whole blocks.
Quote:
Originally Posted by
vermarajeev
3) I will encrypt a file with say AES::CBC mode and use passpharse 'hello123'.
Still AES will be the strongest part of your encryption scheme. And AES is as strong as the password, which should remain secret.
Re: Basics of Encryption and decryption
Quote:
Originally Posted by
jacek
Because you use a block cipher which can encrypt only whole blocks.
Still AES will be the strongest part of your encryption scheme. And AES is as strong as the password, which should remain secret.
So mean to say I shouldnt disclose my algorithm too... But if the hacker is really good like you( Jacek ) ;) he can try all the combinations to guess what algorithm I have used. Isnt that possible???
Again since I have written a program to encrypt and decrypt the files using blocks, will it matter?? as the hacker wont be aware of the program I have written. And he needs to first design the program and logic I have used to encrypt and decrypt.
Quote:
Sure but, again, he will need some knowledge of C++, crypto++ and all the tools needed (i.e. compiler toolchain, library installed, ...) so this is probably not the right way to go...
What if he is an expert in some scripting language like perl or ruby. It can also be Java, but doesnt know C++...
Suppose I just encrypted the file ( AES::CBC ) and send it. My friend receives the encrypted file and he knows my 'passpharse' but he doesnt know what program, what language etc. But he guessed it is in AES::CBC. Now he writes a perl program ( his own ) to decrypt the file with same passpharse. Is he going to succeed? Can he decrypt the file? This case happened to me and my friend says ' FILE IS NOT DECRYPTING '. So what should I say the file was encrypted perfectly and is safe.
Re: Basics of Encryption and decryption
Quote:
Originally Posted by
vermarajeev
So mean to say I shouldnt disclose my algorithm too...
A good algorithm is the one that is public and it's still secure. The key is what should be protected.
Quote:
Originally Posted by
vermarajeev
he can try all the combinations to guess what algorithm I have used. Isnt that possible???
Of course it is. There is a limited number of good well-known algorithms. Note that if you use a DLL with encryption routines, one can easily check which one you use simply by checking imported symbols.
Quote:
Originally Posted by
vermarajeev
Again since I have written a program to encrypt and decrypt the files using blocks, will it matter?? as the hacker wont be aware of the program I have written. And he needs to first design the program and logic I have used to encrypt and decrypt.
If the hacker won't have access to your program, his job will be harder, but if the user chooses a good password, he won't be able to do anything without knowing it first.
Quote:
Originally Posted by
vermarajeev
Suppose I just encrypted the file ( AES::CBC ) and send it. My friend receives the encrypted file and he knows my 'passpharse' but he doesnt know what program, what language etc. But he guessed it is in AES::CBC. Now he writes a perl program ( his own ) to decrypt the file with same passpharse. Is he going to succeed?
AES in CBC mode works the same regardless of the programming language, but to decrypt the message, apart from the algorithm, mode and password, you have to know the IV, how was the key derived from the pass phrase and what padding method was used.
