Re: Triple DES ECB - just with key - no iv no salt

Wed, 17 Sep 2003 01:11:32 -0700 

In message <[EMAIL PROTECTED]> on Wed, 17 Sep 2003 01:35:48 +0200 (CEST), Henrik 
Nordstrom <[EMAIL PROTECTED]> said:

hno> On Tue, 16 Sep 2003, Richard Levitte - VMS Whacker wrote:
hno> 
hno> > In message <[EMAIL PROTECTED]> on Tue, 16 Sep 2003 13:56:40 +0100, Robert Hogan 
<[EMAIL PROTECTED]> said:
hno> > 
hno> > robert.d.hogan> I only want to use the key - no salt and no iv. As far
hno> > robert.d.hogan> as I understand it, ECB does not require an
hno> > robert.d.hogan> IV. However, when I try the first part of the
hno> > robert.d.hogan> operation:
hno> > 
hno> > Do "openssl enc -h" and observe the difference between -k and -K.  Now
hno> > look at the command you cited above.  At this point, your brain should
hno> > go *ding* *ding* *ding* :-).
hno> 
hno> ???
hno> 
hno> Isn't it just the case that the enc command insist on having an iv
hno> specified even if not actually used by the des-ecb cipher? And to run 
hno> des-ecb with a specified key (not password) one must supply a dummy iv 
hno> just to make the enc command happy with it's arguments.

Now that I look at the source, it certainly looks you're right, and I
was talking somewhat out of my ass (late night, I should learn not to
answer mail late at night...).

However, it looks to me like -K (upper case) is meant to be used with
-iv, and that when -K is used, -iv is basically required.  It looks to
me like using -k (lower case) does a better job if possible.  And if
that's not an option, I guess that '-iv ""' should do.

-- 
Richard Levitte   \ Tunnlandsvägen 3  \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 36  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to