Hello, Everyone.
I'm developing a MySQL User-Defined Function that can do a better job
of encrypting data than the default aes_encrypt. My first test is with
AES in CBC mode. Given a 16-byte key (say, 1234567887654321) and a 16-
byte IV (say, 1234567800000001), this bit of code takes care of the
encryption.
CBC_Mode<AES>::Encryption cbcModeAesEncryption(key,
AES::DEFAULT_KEYLENGTH, iv);
StreamTransformationFilter stfEncryptor(cbcModeAesEncryption, new
StringSink(cipherText));
stfEncryptor.Put(plainText, args->lengths[0]);
stfEncryptor.MessageEnd();
. . .
SELECT HEX(my_aes_encrypt("Dancing is a perpendicular expression of
a horizontal desire.", "1234567887654321", "1234567800000001"));
E617A85B77DCFA489CDB0D238C20B47A244BBD65627D325176801EA559D8DE5C4823ACD87448A1F7D2BDFAD599D695E4FA4819CE9AC7BA3559E11DE1666744E2
Tweaking the key or IV by a byte or more produces very different
cipher text -- both expected, and good, results.
-- slightly different key
SELECT HEX(my_aes_encrypt("Dancing is a perpendicular expression of
a horizontal desire.", "1234567887654322", "1234567800000001"));
09AC6B96669D956396FD9E344D2FF34C87832052946052C295BFBEABDC73F47DCC9AF7E53AACEC16187AC802D87F97183F629B56CC49D254F44F4501DF3238B5
-- very different key
SELECT HEX(my_aes_encrypt("Dancing is a perpendicular expression of
a horizontal desire.", "8765432112345678", "1234567800000001"));
73736EA36908B5B694ADC4E3B70BABE7B43A7D148C93CDDD845BB6928B5091D12435626087AFE1E34E8BBF2D0F29C95D8CA5ED28F086691605B45D615A01D1FB
-- slightly different IV
SELECT HEX(my_aes_encrypt("Dancing is a perpendicular expression of
a horizontal desire.", "1234567887654321", "1234567800000002"));
5BBEFB0580F510AEB01E7450A19BEE737FCA87DD8FB9DDCE9B29E56C8D639E76FE613A246096EA0313662938BF1818DE692BBF189F387C40CFF3445527B756B6
-- very different IV
SELECT HEX(my_aes_encrypt("Dancing is a perpendicular expression of
a horizontal desire.", "1234567887654321", "9999999999999999"));
37FE0BF48F48B2D5FFC4E40B47B0AD0CD8F9C62FBBE9A8F675A76C8E4B9472CF4C75021B73DEEAEF09707012E63D34E62FD2326E2AEC876625F74BF661808311
I can only recover the plain text from cipher text with the key and IV
used for encryption, of course. A different key throws an exception --
good. However, an IV that differs from the original IV by a byte or
more retrieves plain text that is somewhat garbled, but still very
readable.
-- slightly different IV
SELECT my_aes_decrypt(my_aes_encrypt("Dancing is a perpendicular
expression of a horizontal desire.", "1234567887654321",
"1234567800000001"), "1234567887654321", "1234567800000002");
Dancing is a peqpendicular expression of a horizontal desire.
-- very different IV
SELECT my_aes_decrypt(my_aes_encrypt("Dancing is a perpendicular
expression of a horizontal desire.", "1234567887654321",
"1234567800000001"), "1234567887654321", "9999999999999999");
Ljdneai!`z)h)ylzpendicular expression of a horizontal desire.
That is not a good result, per our business requirements, but is it
expected behavior for block ciphers?
Ideally I'd like even a minor change in input data to produce
drastically different results with encryption AND decryption.
Thanks for all the hard work that has gone into Crypto++. It is much
appreciated.
Cheers,
Anand.
P.S. I'm not having any problems using the library ... yet :-). But,
for the record, my development environment is: MySQL 5.1.48 on Windows
7. Crypto++ 5.6.1 compiled and used in MS Visual C++ 2010 Express.
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
