For basic information on cryptography, I second Victor's recommendation for Schneier's Applied Cryptography. You can also find information at wikipedia.org. Here are the basic answers to your questions, but for more detailed information please consult other sources...
1) b64-encoding is a type of encoding based on "UUEncode" -- a specific type of encoding 8-bit information in 6 bits (2 states, 6 positions is 64 possibilities). These 64 bits are then mapped onto the ASCII printable character set (avoiding the control characters and 0x7f), so that it can be sent through a text-transfer system without worry that essential information (like high bits) is going to be stripped. 2) A block cipher is a type of cryptography that applies a well-defined order of operations, pre-set with a specific key, to blocks of a given number of bits. (64-bit or 128-bit blocks are common -- in these block sizes, up to 7 or 15 bytes can be useless data, or "padding", which is used to create a full-sized block so that there is no unencrypted data sent.) Blowfish is a block cipher, thus there will be padding issues if your input is not an exact multiple of its block size. 3) A 'salt' is a type of key used to pre-set the state of a block cipher with an (essentially) random value, so that a specific type of cryptographic attack called a "dictionary attack" (the attacker knows what algorithm you're using, and pre-encrypts a large number of plaintexts and then compares your ciphertext with his known ciphertexts, thus determining what your plaintext is without having to attack the algorithm itself) is thwarted. 4) There is no way to answer this without knowing what type of key file it is (asymmetric or symmetric). Generally, key files are associated with a certificate file, and thus are asymmetric (public/private-key). In this case, you create a truly random number and use that as the key to encrypt the file, and then encrypt that random key using the asymmetric algorithm associated with the key file, and add that (in some application-defined format) to the encrypted output. (This is a method called "hybrid cryptography", as both asymmetric and symmetric ciphers are used.) Again, for more information, please consult the references above. -Kyle Hamilton On 5/24/06, Xu Gang <[EMAIL PROTECTED]> wrote:
Hi, fellows. Thanks a lot for the hint. I'm using Blowfish in cfb mode. Will there be any "padding not removed" problem with this cipher? Actually I'm very new here. I wonder if anyone can also clarify to me some basic concepts as well. I really appreciate the help. 1) What is b64-encoding? 2) What is block cipher? 3) In enc manpage, what does a "salt" mean? 4) Suppose I have an input file foo.in and a key file foo.key, and want to use bf-cfb to encrypt the input file using the key file. What kind of command should I use? Specifically, in "openssl bf-cfb -in foo.in -out foo.out", where should I insert the key file option? >From: Marek Marcola <[EMAIL PROTECTED]> >Reply-To: openssl-users@openssl.org >To: openssl-users@openssl.org >Subject: Re: Junk code after enc/dec by OpenSSL >Date: Fri, 19 May 2006 22:33:20 +0200 > >Hello, > > Dear OpenSSL community fellows. I'm a new OpenSSL user. I have met my first > > headache recently. I have a plain text file to encrypt and pass to my > > friend. Afterwards, he decrypts the file. Everything is fine except for a > > small piece of junk code attached at the end of the original txt file. It's > > pretty annoying. Can anyone give some hints where this piece of junk code > > from? Thank you very much! >Looks like not removed padding. >Low level crypto functions like (for example) AES_cbc_encrypt() >on encryption add padding but on decryption >you must remove padding yourself. >You should provide more information. > >Best regards, >-- >Marek Marcola <[EMAIL PROTECTED]> > >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >User Support Mailing List openssl-users@openssl.org >Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
