On Mon, Oct 28, 2013 at 11:48:22PM +0100, Luis Rocha wrote:
> + Filename topsecret.txt which only contains the character 'a'
> + Encrypt it with DES using CBC mode with key and iv = 0 produces the
> result '32ea a0fa 4f77 fb92'
>
> user@debian:~$ openssl enc -des-cbc -K 0 -iv 0 -nosalt -in topsecret.txt
> 0000000: 32ea a0fa 4f77 fb92 2...Ow..
Note, "0" is not a valid DES key, nor a valid DES iv. To be a
valid key it needs to be 8 bytes with the right parity bits. So
I don't believe that you can expect well-defined behaviour with
the specified inputs.
> If I use the cryptool 1.4.31 to do the same exercise the result is
> '0C29 5D71 8258 D464'
What does "same" mean? What is the syntax for key/iv in that utility?
> I also noticed that openssl generates the same output for different modes
> of des e.g.
>
> user@debian:~$ openssl enc -des-ecb -K 0 -iv 0 -nosalt -in topsecret.txt |
> xxd
For a single block with a zero IV, the output of ECB and CBC is
naturally the same. If you use a non-zero IV, you'll observe that
CBC and ECB produce different results.
> While if I do the same in Cryptool the output for the ECB mode is:
>
> '841B D8A4 2931 FCF5'
Which shows that this tool is not in fact using a zero IV, likely
because your input is invalid.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
