Golang AES StreamReader Encryption - Example omits any authentication of encrypted data

Question

Golang AES StreamReader Encryption - Example omits any authentication of encrypted data

Finally, I submit my first question to StackOverflow. I have been using this site for many years and I have always found excellent answers to all my questions :)

I use the background daemon to encrypt files, which is based on the official Golang encryption example:

func ExampleStreamReader() {
    key := []byte("example key 1234")

    inFile, err := os.Open("encrypted-file")
    if err != nil {
        panic(err)
    }
    defer inFile.Close()

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // If the key is unique for each ciphertext, then it ok to use a zero
    // IV.
    var iv [aes.BlockSize]byte
    stream := cipher.NewOFB(block, iv[:])

    outFile, err := os.OpenFile("decrypted-file", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
    if err != nil {
        panic(err)
    }
    defer outFile.Close()

    reader := &cipher.StreamReader{S: stream, R: inFile}
    // Copy the input file to the output file, decrypting as we go.
    if _, err := io.Copy(outFile, reader); err != nil {
        panic(err)
    }

    // Note that this example is simplistic in that it omits any
    // authentication of the encrypted data. If you were actually to use
    // StreamReader in this manner, an attacker could flip arbitrary bits in
    // the output.
}

func ExampleStreamWriter() {
    key := []byte("example key 1234")

    inFile, err := os.Open("plaintext-file")
    if err != nil {
        panic(err)
    }
    defer inFile.Close()

    block, err := aes.NewCipher(key)
    if err != nil {
        panic(err)
    }

    // If the key is unique for each ciphertext, then it ok to use a zero
    // IV.
    var iv [aes.BlockSize]byte
    stream := cipher.NewOFB(block, iv[:])

    outFile, err := os.OpenFile("encrypted-file", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
    if err != nil {
        panic(err)
    }
    defer outFile.Close()

    writer := &cipher.StreamWriter{S: stream, W: outFile}
    // Copy the input file to the output file, encrypting as we go.
    if _, err := io.Copy(writer, inFile); err != nil {
        panic(err)
    }

    // Note that this example is simplistic in that it omits any
    // authentication of the encrypted data. If you were actually to use
    // StreamReader in this manner, an attacker could flip arbitrary bits in
    // the decrypted result.
}

What is meant by the following quote. What should I care about secure encryption and decryption?

Please note that this example is simplified in that it excludes any authentication of encrypted data. If you were actually that way to use StreamReader, an attacker could bit the output.

Thank!

+4

go encryption aes encryption-symmetric

M4ng0Squ4sh May 09 '15 at 9:52

source share

1 answer

Caleb · Accepted Answer · 2015-05-10T02:28:10+0000

From Wikipedia:

ECB, CBC, OFB, CFB, CTR XTS , .

: https://security.stackexchange.com/a/33576.

Go , . rossum , GCM CCM. godoc.org. , HashiCorp .

, , - NaCL golang.org/x/crypto/nacl:

func Open(out []byte, box []byte, nonce *[24]byte, key *[32]byte) ([]byte, bool)
func Seal(out, message []byte, nonce *[24]byte, key *[32]byte) []byte

, API, , .

Golang AES StreamReader Encryption - Example omits any authentication of encrypted data

More articles: