Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Is there a way to tell if a file has been encrypted already if I know the Algorithm was AES?
I would have been the one to encrypt it, so information to decrypt or encrypt is not a problem. However, if you try to decrypt a file that has not been encrypted you'll lose all the data. If you encrypt it twice, you get a double encryption. You can reverse a double encryption but you need to know that it is encrypted twice.
Is there a way to determine programatically?
I'm doing this in Java.
there is no way to tell if anything has been encrypted with AES, it doesnt leave a signature, thats part of the point. although you can infer that its probably been encrypted with AES or some other 128bit block cipher by testing if the length of the data in bytes is a multiple of 16, suggesting a 128bit block cipher with padding on the last block
It depends on the unencrypted file format. If your unencrypted file has a specific file header, you can search for that header. If you find it, the file is unencrypted. If you don't find it the file could be encrypted.
If your unencrypted file does not have a specific file header ... then tough luck.
If you're open to using an external program, you can use openssl to attempt to decrypt the data. As long as you provide a non-blank password on unencrypted data it will return with a "bad magic number" error. Not sure yet exactly how openssl is generating that message (if I could you could do that in your code), but it's a start.
$ openssl enc -d -aes-256-cbc -in /Applications/Wireshark.app/Contents/MacOS/Wireshark
enter aes-256-cbc decryption password:
bad magic number
Another method would be to check the first 8 characters of the file are "Salted__" and the following 8 characters are the salt (provided the encryption was salted which the openssl binary does by default but can be disabled).
0000000: 5361 6c74 6564 5f5f 70d6 3655 ae12 58de Salted__p.6U..X.
Related
I created a PGP public/private key using the following command from my local machine
gpg --full-generate-key --openpgp
I encrypt a file using Golang code(https://github.com/ProtonMail/gopenpgp), and the BouncyCastle Java library decrypts the file(on a different server). Encryption and decryption work when I encrypt the file from my local machine. Decryption fails when I run the same code on my server to encrypt the file. I also noticed that the encrypted file packets differ when I encrypt on my local machine vs. the server. I am using the following command to list packets.
gpg --list-packets ~/encrypted_file_name.pgp
Is it possible to use the public key on the server-generated on my local machine? How to do PGP encryption on a server?
Thanks.
It is probably worth double checking everything outside your code using the gpg cli to rule out weirder issues.
On the encrypting side run:
# list the keys and grab the key id you expect, it should be 40 characters uppercase+numbers
gpg --list-keys
# encrypt a message for that ID
echo 'test' | gpg -ear <KEY_ID>
Copy the output of the above to your clipboard, then on the decrypting server run the following:
# list the secret keys available, there must be one in this list with the exact same KEY_ID from above
gpg --list-secret-keys
# make sure you can use that key by decrypting the message from the first step
cat <<EOF | gpg -d
<paste the message>
EOF
If this works then we'll probably need you to put together code that reproduces the issue.
Only the one who encoded it into or onto a program, etc is able to decode or decrypt it via the certificate as required along with a passphase that would be applied no one can access unless digital signature matches, certificate and passphase.
I'm trying to decrypt UDP packets for a multiplayer video game. When loading into a game session, a DTLS handshake occurs where, in Wireshark, I usually see the Client and Server agree on ChaCha20 Poly1305 encryption. The game actually live logs a "key" in a log file, which is 32 bytes long hex-coded, along with an HMAC and IV. At this point I'm not sure what to do. I tried decrypting individual messages in Python with some cryptography libraries but I realized that might be silly upon learning DTLS, or at least TLS packets, cannot be decrypted independently. I know I can possibly have Wireshark point to a file or add a key to live decrypt something, but have not had luck doing so. I started this process from basically no knowledge on internet security protocols or cryptography and have learned a lot but am at a standstill, and just want to make sure I'm not far off-base here.
Wireshark screenshot of handshake
It depends on what the game is actually writing to the file. Wireshark has support for decrypting TLS/DTLS using the RSA private key, the premaster secret or master secret. If the log file contains the premaster or master secret, then you should be able to shoe-horn it into wireshark, and decrypt the stream from there.
If it isn't, then you'll need to work out what it actually is first, and then it's a bit more of a manual job to get at the data.
I have a salt that while decoded is not in an openSSL readable format. The salt is in the DES3 encryption standard and looks something like this Salted__}..O.G....^..GZ LbvbJ5eYm...R...,#.M.U...
I know that this flag is formatted incorrectly since whenever I execute openssl des3 -d -salt -in file.des3 -out file.txt -k <password> it returns bad decrypt. I was wondering how the flag is supposed to be formatted and if outside the dots there are any other characters that dont belong
Thank you
Someone's here for picoCTF... eheheh
In the openssl encryption format, for that cipher, the first 8 bytes are the ascii codes for the string "Salted__" and the next 8 bytes represent the salt...
So if we have the following "Salted__12345678", as the first 16 bytes from the file, the Salt is "12345678"...
But, when trying to decrypt a file using the OpenSSL tool, the tool already knows how to get the salt, and knows the value of the salt, so there's no need for you to get that value, unless you want to use another tool.
(Just a small side-note)
If you're indeed doing the picoCTF, you should use the Webshell for the decryption, because of the version of OpenSSL. For some people it worked...
Hope it answered your question.
I'm expecting to cipher a string, from a client side (using aes-256-cbc and a Secret-Password already known by both server & client).
And then I'd like to decipher it (on the server side).
I have a code which does work just fine (functionnaly speaking). But it seems I need to send the IV vector from client to server.
I currently did it like this :
00000000000000000000000000000000.JAPQElUAxxxxxxxxxxxjTgJAPQElUAfgydvbY=
So, on the server I split the payload with a "dot" as separator and consider the first item to be the vector.
I believe this is not good to sendthe IV like this.
Would you please help me to understand how should it works?
In CBC encryption mode sending the IV without encrypted is normal and there is nothing to worry as long as the IV is unpredictable. See this question Why is CBC with predictable IV considered insecure against chosen-plaintext attack? from Cryptography.
A common way to send the IV is prepending it to the ciphertext. The libraries, in general, were designed to extract first 16-byte or enable offset in the byte-arrays.
CBC mode of operation is outdated. It has many problems as padding oracled attacks. You should use better alternative Authenticated Encryption (AE) modes as AES-GCM and ChaCha-Poly1305 which does not need padding. Also, in AE you will have confidentiality, integrity, and authentication where CBC only supports confidentiality.
AS modes provide an Authentication Tag that you will need to transmit with the IV. The usual practice; prepend the IV and append the tag to the ciphertext.
IV || Ciphertext||Tag
This question already has answers here:
Why does RSA encrypted text give me different results for the same text
(2 answers)
Closed 5 years ago.
I generate private/public keys, and a small text file,
openssl genrsa -out priv.pem
openssl rsa -out pub.pem -in priv.pem -pubout
echo "A" > plain.txt
When you encrypt the text file with the public key twice, as so,
openssl rsautl -encrypt -pubin -inkey pub.pem -in plain.txt -out cipher.txt
you will see that the two cipher.txt differ. This is what I do not understand.
When you encrypt the text file with the public key twice ... you will see that the two cipher.txt differ. This is what I do not understand.
This is called probabilistic encryption (versus deterministic encryption). Its that way by design so that the same message encrypted twice does not produce the same cipher text. Its due to the masking function and padding functions used by RSA.
If encryption produced the same cipher text, then your adversary could gain information. For example, if your adversary sees a message he does not understand but observers your army attacks his army the next morning, he might guess that the message was "Attack at dawn". If he sees that same encrypted message again, he's probably going to be ready for an attack at dawn the next day.
The folks on the crypto stack exchange might be able to help you further if you want the details of MGFs, OAEP and the like. Also, Dr. Steve Bellovin has a very approachable introduction to cryptography at An Introduction to Cryptography.