Re: What are the chances of this encrytion being broken?

colin in sci.crypt:

On 26/03/25 10:54, Marcel Logen wrote:

colin in sci.crypt:

On 25/03/25 12:18, Marcel Logen wrote:

[...]

The Base64 decoded 'text' has 528 bytes.

[...]
>

Possibly 33 128 bit blocks ( aes has a block size 0f 128 bits )

>
32, I think.
>
512 bytes of plaintext become 528 bytes of ciphertext
with AES256 CBC (without salt).

>
I can produce 528 bytes of ciphertext with 513 bytes of plaintext. ie an
extra block is added.
>
eg:
$ cat 512bytes.txt | aespipe -e aes256 -P password.txt | wc -c
512
$ cat 513bytes.txt | aespipe -e aes256 -P password.txt | wc -c
528

Ah, OK. I have found the cause: the padding.

| user15@o15:/tmp$ stat -c '%s' 512bytes.txt
| 512
| user15@o15:/tmp$ openssl enc -aes-256-cbc -in 512bytes.txt   -salt -pass pass:1234 -pbkdf2 | wc -c
| 544
| user15@o15:/tmp$ openssl enc -aes-256-cbc -in 512bytes.txt -nosalt -pass pass:1234 -pbkdf2 | wc -c
| 528
| user15@o15:/tmp$ openssl enc -aes-256-cbc -in 512bytes.txt -nosalt -pass pass:1234 -pbkdf2 -nopad | wc -c
| 512

| user15@o15:/tmp$ stat -c '%s' 513bytes.txt
| 513
| user15@o15:/tmp$ openssl enc -aes-256-cbc -in 513bytes.txt -nosalt -pass pass:1234 -pbkdf2 | wc -c
| 528
| user15@o15:/tmp$ openssl enc -aes-256-cbc -in 513bytes.txt -nosalt -pass pass:1234 -pbkdf2 -nopad | wc -c
| bad encrypt
| 40E7A9630B7F0000:error:1C80006B:Provider routines:ossl_cipher_generic_block_final:wrong final block length:../providers/implementations/ciphers/ciphercommon.c:420:
| 512

Marcel                                                       (Lines: 53)
--
  ╭─────╮  ╭──╮    ╭───╮  ╭─────╮  ╭───╮ ╭─╮  ╭────╮    ╭──────╮    ╭───
──╯     ╰──╯  ╰─╮  ╰─╮ ╰──╯  ╭──╯  ╰─╮ ╰─╯ │  ╰──╮ ╰─╮  ╰───╮  ╰─╮  ╰──╮
       ...8..╭──╯ ╭──╯     ╭─╯     ╭─╯  ╭──╯  ╭──╯   ╰─╮ ╭──╯  ╭─╯   ╭─╯
             ╰────╯        ╰───────╯    ╰─────╯  ..50..╰─╯     ╰─────╯