Geek Answers Handbook

Why can I encrypt data with one DES key and successfully decrypt with another?

I tried to implement the DES algorithm using the pyDes and Crypto.Cipher.DES modules. I found that when I encrypt the key 82514145 and then decrypt the cipher with 93505044 , I can get the decrypted text. I found 256 keys that behave like this. This is a violation of cryptography. My code is as follows:

  from Crypto.Cipher import DES plain_text = 'asdfghij' print 'plain Text: ', plain_text des = DES.new('82514145', DES.MODE_ECB) cipher_text = des.encrypt(plain_text) print 'the cipher text is ', cipher_text des = DES.new('93505044', DES.MODE_ECB) print 'the decrypted text is: ', des.decrypt(cipher_text)

Exit:

 plain Text: asdfghij the cipher text is @ Z     the decrypted text is: asdfghij

Is there any mistake in my work? I also got results with pyDes.

+7
python cryptography encryption-symmetric des pycrypto
source share
2 answers

DES keys are 56 bits long, but they expand to 64 bits thanks to the parity bit. The eighth bit of each byte must be set to ensure odd parity .

Many crypto libraries ignore parity bits, which means that there are many ways to represent the same 56-bit key in a 64-bit key string. Actually there are 2 8 different ways, which explains why you found 256 matching keys.

Your example includes two key values ​​that differ only in parity bits. See below: the parity bit is in [] :

 82514145 = 0x3832353134313435 = 0011100[0] 0011001[0] 0011010[1] 0011000[1] 0011010[0] 0011000[1] 0011010[0] 0000000[0] 93505044 = 0x3933353035303434 = 0011100[1] 0011001[1] 0011010[1] 0011000[0] 0011010[1] 0011000[0] 0011010[0] 0000000[0]

None of the keys are truly valid. The correct representation of this key is: 0x3832343134313401 .

+8
source share

This is a great example of why you should never use a password provided by a user as a key in a key in a cipher . Instead, use the key derivation function .

In addition, you should not use DES for purposes other than education, as this is usually considered unsafe. The key is currently considered too short, and some known attacks reduce its complexity.

+2
source share

More articles:


All Articles