On Tue, Oct 29, 2013 at 05:26:39PM +0100, Luis Rocha wrote:
> btw a interesting phenomenon where encrypting with the same key reveals the
> plaintext.
There are two such keys among the 4 weak DES keys:
0101010101010101
fefefefefefefefe
1f1f1f1f1f1f1f1f
e0e0e0e0e0e0e0e0
http://www.umich.edu/~x509/ssleay/des-weak.html
Namely: 0101010101010101 and fefefefefefefefe
$ for k in 0101010101010101 fefefefefefefefe 1f1f1f1f1f1f1f1f e0e0e0e0e0e0e0e0
do
printf aaaaaaaa |
openssl enc -des-cbc -K $k -iv 0000000000000000 |
openssl enc -nopad -des-ecb -K $k | od -tx1 | head -1
done
0000000 61 61 61 61 61 61 61 61 f1 02 b2 9f 61 04 a7 18
0000000 61 61 61 61 61 61 61 61 c0 42 0c 03 84 27 46 c4
0000000 00 05 68 d7 f2 86 de 82 a3 97 54 9a 3a 9e c3 40
0000000 f1 bd f8 79 26 79 ff 25 ce a0 c8 e1 f4 eb fc ea
For these two keys encryption and decryption are the same operation. Don't
use DES, but if you do, avoid weak keys. That said, don't use DES.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
