Re: Please tell me about encryption API of OpenSSL 1.0.1

Mon, 16 Apr 2012 15:44:15 -0700 

Hello, Stephen, Thomas,

From: "Thomas BERNARD" <bernard-...@stg-interactive.com>

To my understanding :
With ECB, the order in which the blocks are crypted/decrypted doesn't
matter.
With CBC and most block modes, it DOES matter !
So if block 1 is encrypted first it MUST be decrypted first.

/* decrypt second block */
EVP_DecryptUpdate(&dec_ctx, block2, &outlen, block2, 4096);
/* decrypt first block */
EVP_DecryptUpdate(&dec_ctx, block1, &outlen, block1, 4096);
is WRONG

EVP_DecryptUpdate(&dec_ctx, block1, &outlen, block1, 4096);
EVP_DecryptUpdate(&dec_ctx, block2, &outlen, block2, 4096);
should work better
Thank you very much for your quick responses. I'm glad about the answers to Q1-Q3 as I can easily minimize the overhead in encryption/decryption.
As for Q4, yes, decrypting blocks in the same order as encrypting them certainly produced correct data. owever, I cannot do that because the application needs to encrypt/decrypt blocks/records in random order.
In addition, I feel I'd better use CBC rather than ECB at least for file type 1 (collection of 4KB blocks), so that others don't know the pattern of blocks such as "this 4KB block consists of the same 16-byte sequences." On the other hand, it is okay for others to know "this and that 4KB blocks have identical data" or "this and that records are identical." (is this thinking reasonable in cryptography world?)
However, I'd like to avoid the overhead of calling EVP_EncryptInit_ex/EVP_DecryptInit_ex for each block/record, because I wonder if those functions have relatively high overhead especially when AES-NI decrease the overhead of encryption/decryption. That is, I'm afraid that repeated init calls reduces the benefits gained by AES-NI. Is there any way? 

 if (ctx->cipher->ctx_size)
  {
  ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
...
  case EVP_CIPH_CBC_MODE:

  OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <=
    (int)sizeof(ctx->iv));
  if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
  memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
  break;
...
if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
 if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
}

Regards
MauMau

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to