The decryption process can succeed because the protocol specifies that the padding can contain randomness, and it knows where the padding starts.
Padding is used when the final block is smaller than the block size. Some pad forms append a full block of padding to an otherwise fully-sized block. For more information, please see http://www.rsa.com/rsalabs/node.asp?id=2124 . This is a list of what are called the "public key cryptography standards", or PKCS. They describe what precisely is going on, and even describe why. However, they are very dense reading. Technically, "one input" + cipher("one key") does end up with one output. However, because the one-to-one correspondence means that if someone figures out the plaintext for a ciphertext, anytime that ciphertext comes up they know what the plaintext is. The PKCS describe a means of mitigating this so-called "dictionary attack" (the ciphertext goes into the dictionary, and the plaintext is the ciphertext's definition), by allowing permutations of the data in a standard way such that the permutations can be identified and removed as part of the decryption process. -Kyle H On Tue, Dec 16, 2008 at 4:51 AM, BiGNoRm6969 <normand.bed...@gmail.com> wrote: > > Ok. I am a little bit confused. You are telling me that a same data encrypted > with the same key can generate different results? How can the decryption > process can succeed ?! > > Maybe it's my cryto knowledge that are limited, but I was sure that one > output correspond to one input. > > I run my tests couples of time and it always gives me the same output result > each times (meaning that the peuso-random generator always gives the same > number?). > > You are probably right, but could you confirm me that my tests are made > correctly (using a longer array than the size passed to the encryption > function) ? > > > > > > > Dr. Stephen Henson wrote: >> >> On Mon, Dec 15, 2008, BiGNoRm6969 wrote: >> >>> >>> Hi, the OpenSSL documentation tells : >>> >>> "RSA_public_encrypt() encrypts the flen bytes at from (usually a session >>> key) using the public key rsa and stores the ciphertext in to. to must >>> point >>> to RSA_size(rsa) bytes of memory. " >>> >>> >>> I made a test and I saw something strange. I used theses arrays for my >>> tests: >>> >>> unsigned char* test1 = new unsigned char[5]; >>> test1[0] = 'a'; >>> test1[1] = 'b'; >>> test1[2] = 'c'; >>> test1[3] = 'd'; >>> test1[4] = 'e'; >>> >>> unsigned char* test2 = new unsigned char[4]; >>> test2[0] = 'a'; >>> test2[1] = 'b'; >>> test2[2] = 'c'; >>> test2[3] = 'd'; >>> >>> >>> Here is my test: >>> >>> RSA_public_encrypt(4, test1, encryptedLine1, publicKey, >>> RSA_PKCS1_PADDING); >>> RSA_public_encrypt(4, test2, encryptedLine2, publicKey, >>> RSA_PKCS1_PADDING); >>> >>> The two results (stored in encryptedLineX...) are not the same and I >>> don't >>> understand why. The first argument is not supposed to be the length (in >>> bytes) of the data to be encrypted ? So in the two cases, the encryption >>> is >>> not supposed to bo on caracter 1 to 4 !? >>> >> >> This is expected behaviour and is due to the nature of that padding mode. >> It >> includes some pseudo random data which is different on each invocation. So >> even if you encrypt the same data using the same key you will get a >> different >> output each time. >> >> Steve. >> -- >> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage >> OpenSSL project core developer and freelance consultant. >> Homepage: http://www.drh-consultancy.demon.co.uk >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> >> > > -- > View this message in context: > http://www.nabble.com/RSA_public_encrypt%28%29-strange-result-output...-is-it-a-bug-%21--tp21022467p21032487.html > Sent from the OpenSSL - User mailing list archive at Nabble.com. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
