By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
446,134 Members | 1,742 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 446,134 IT Pros & Developers. It's quick & easy.

DES Algorithm padding problem??

P: 52
Hello,

I am making an implementation of DES using 56bit key and 64 bit block.
Now the problem is that when the last set of bytes are read from the file, and say it comes out to be 2bytes remaining, then I have to pad remaining 6 bytes to get my 8 bytes of block for encryption.

So when I decrypt the file, these padded bytes also gets decrypted(which should not happen), resulting in corruption of the file after decryption.

So, please tell me how can I overcome this problem.

I am using OpenSSL libraries for DES.

Also, can I increase the input block size from 64bit to some higher value, because it takes a lot of time during encryption/decryption.

Pawan
Feb 21 '07 #1
Share this Question
Share on Google+
13 Replies


RedSon
Expert 5K+
P: 5,000
The problem with block ciphers is that they must operate on multiples of their block size. You are running into an issue with a poor block cipher mode of operation. Simply padding the block might not work unless you can find the original size of the file to begin with. You should choose a better mode of operation.

Link: http://en.wikipedia.org/wiki/Block_c...s_of_operation
Feb 21 '07 #2

P: 52
The problem with block ciphers is that they must operate on multiples of their block size. You are running into an issue with a poor block cipher mode of operation. Simply padding the block might not work unless you can find the original size of the file to begin with. You should choose a better mode of operation.

Link: http://en.wikipedia.org/wiki/Block_c...s_of_operation
The Wiki link is great, thanks.
Also I think I will have to store the original file length at the beginning of the file and use it to get the file length during decryption.

Also can you tell me, how to rate a post.
Pawan
Feb 21 '07 #3

RedSon
Expert 5K+
P: 5,000
Good luck, let me know how it turns out.
Feb 21 '07 #4

P: 52
Good luck, let me know how it turns out.
OK, I will, also can you tell me how to rate a post.
Pawan
Feb 21 '07 #5

Ganon11
Expert 2.5K+
P: 3,652
As of right now, we don't implement a post-rating system.
Feb 21 '07 #6

RedSon
Expert 5K+
P: 5,000
We currently don't have that facility but if you make another post in this thread about what you would like to rate it and what you think of if I will let the administrators know about it.
Feb 21 '07 #7

RedSon
Expert 5K+
P: 5,000
Oops, Ganon, you beat me to the punch.
Feb 21 '07 #8

Ganon11
Expert 2.5K+
P: 3,652
XD No matter - I must have faster fingers :P.
Feb 21 '07 #9

RedSon
Expert 5K+
P: 5,000
XD No matter - I must have faster fingers :P.
Actually I think my post is twice as long as yours, so I posted twice as much in about the same time so double :P :P
Feb 21 '07 #10

P: 52
I just wanted to say that the reply to my original post was really quick and I think is really good, and I will surely use the concept in my DES code.
Thats why I thought that there should be post rating system, anyway, I have posted many problems at TSDN and have always benefited from the reply. Great job, keep it up!

Pawan
Feb 21 '07 #11

Ganon11
Expert 2.5K+
P: 3,652
Well, thanks for the kind feelings. I'm just glad we were able to help, and I hope you'll be willing to stop by and help people too!

And you can argue however much you want, RedSon, the fact is that my reply was in before yours. Thus, I win. XD
Feb 21 '07 #12

P: 52
I am posting a reply just to tell what I actually did to overcome the padding problem. I searched a lot on net but almost everywhere I got the answer that I should store the original filelength somewhere, but I thought that as I am opening the file in binary mode, it would be difficult for me to store the filelength. So I created my own mathod. What I did is, initially I found the file's length, and then took filelength%8. Then if say filelength is 66bytes, then I got 2 bytes extra, so after encrypting say 5 blocks(= 5*8bytes) I read 2 bytes and stored them unencrypted. Then continued my encryption process on rest of the file. So during decryption, I decrypted 5 block and copied 2bytes directly and decrypted remaining blocks.

Thus, in this way I achieved a simple solution to my problem. Some might say that the unencrypted 2bytes are a security flaw, but I dont believe, as it is almost impossible and usless to get the knowledge of which 2 bytes are unencrypted.

If any comments on my method, please reply
Pawan
Feb 28 '07 #13

DeMan
100+
P: 1,806
Presumably the two bytes are in some fixed position (so you know where/how to find them - In this case 5 blocks....).
HOWEVER, The two bytes being unencrypted is no security concern, unless they themselves contain secure data.
As they give nothing away about the encryption, and so long as they give as little away as possible about the original plaintext, they are virtually useless even to people who know that exactly those bytes are unencrypted.

As a thought to the problem of storing a file length.....If you have to pad the code out to the nearest 8 blocks anyway, you can make sure that you ALWAYS pad it out (that is even if size%8 = 0, always add 8 bytes). In the last of these you could store the size.....
Feb 28 '07 #14

Post your reply

Sign in to post your reply or Sign up for a free account.