Prev: My Cryptography that is Currently on the Joke-of-the-Day site
Next: Cryptography Currently on the Table.
From: Bruce Stephens on 5 Jul 2010 17:34 David Eather <eather(a)tpg.com.au> writes: > On 6/07/2010 4:19 AM, Bruce Stephens wrote: [...] >> IIUC the request was for a program that would permit ECB in order to >> verify against a test vector. That seems a reasonable request, even if >> you don't want to use ECB. > > No he wants to use it in his blog where he specifies use of the all zero key Possibly. I imagined he wanted to indicate that some bit of this journal was encrypted using AES (in some mode, perhaps ECB or perhaps some more sensible mode) with an IV of zeros and a key of zeros. If one wanted to do that, it would make sense to check that whatever software you were using against test vectors, just to make sure the code's doing what you intend (rather than using "000000..." as a password to produce a key or something (unless that's what you intend, obviously)).
From: biject on 5 Jul 2010 19:34 On Jul 5, 9:14 am, Globemaker <alanfolms...(a)cabanova.com> wrote: > Dear sci.crypt, > Please recommend where I can download an AES program with the > following attributes: > 1 The program should allow me to enter the key, not a passphrase. > 2 It should be free > 3 For Windows XP > 4 The ciphertext must have the same number of bytes as the plaintext > that is padded to 128 bit blocks > 5 The ciphertext must succeed in one test vector from NIST for > Electronic Code Book mode > KEY = 00000000000000000000000000000000 > PLAINTEXT = 80000000000000000000000000000000 > CIPHERTEXT expected = 3ad78e726c1ec02b7ebfe92b23d9ec34 > > I have tried 5 programs and they all failed to meet these goals. Are > these goals too strict? When the search was on to develop AES there where I lot of simple programs and I even downloaded some that allowed one to test versus ciphers as well as for the final one picked rijndael had a simple supplied c code that would do just what you want. I am not sure what happened to those simple C references programs. But I think they may have disappeared so that companies could write more complex looking code that you have to pay for. It's strange how the simple easy to compile C code that does exactly what you want and was also easy to modify has disappeared. I am sure someone still has the simple code. So that one could directly test using a simple key where you can encode one block of input and get one block of output. You would think since this is the heart of the algorithm and the rest just dressing that it would be easy to find like it was a few years ago. Seeing the post of Kristian Gjøsteen really shocked me since well before the modes where picked the AES contest ended. If it's so dam poor in ECB mode why the hell did they pick it. Yes I know it a very short block with a very short key. But you would think anyone trusting its use should be able to test this part of the code. Also I have not looked at this government joke of a code for years but the test vectors I remember testing where for many passes through the basic encryption engine. Are you sure that its for one block in and one out. Or is it for many times so that large portions of the encryption engine get somewhat tested. David A. Scott -- My Crypto code http://bijective.dogma.net/crypto/scott19u.zip http://www.jim.com/jamesd/Kong/scott19u.zip old version My Compression code http://bijective.dogma.net/ **TO EMAIL ME drop the roman "five" ** Disclaimer:I am in no way responsible for any of the statements made in the above text. For all I know I might be drugged. As a famous person once said "any cryptograhic system is only as strong as its weakest link"
From: biject on 5 Jul 2010 20:19 On Jul 5, 5:34 pm, biject <biject.b...(a)gmail.com> wrote: > On Jul 5, 9:14 am, Globemaker <alanfolms...(a)cabanova.com> wrote: > > > > > > > Dear sci.crypt, > > Please recommend where I can download an AES program with the > > following attributes: > > 1 The program should allow me to enter the key, not a passphrase. > > 2 It should be free > > 3 For Windows XP > > 4 The ciphertext must have the same number of bytes as the plaintext > > that is padded to 128 bit blocks > > 5 The ciphertext must succeed in one test vector from NIST for > > Electronic Code Book mode > > KEY = 00000000000000000000000000000000 > > PLAINTEXT = 80000000000000000000000000000000 > > CIPHERTEXT expected = 3ad78e726c1ec02b7ebfe92b23d9ec34 > > > I have tried 5 programs and they all failed to meet these goals. Are > > these goals too strict? > > When the search was on to develop AES there where I lot of simple > programs and I even downloaded some that allowed one to test > versus ciphers as well as for the final one picked rijndael had a > simple > supplied c code that would do just what you want. I am not sure what > happened to those simple C references programs. But I think they > may have disappeared so that companies could write more complex > looking code that you have to pay for. It's strange how the simple > easy to compile C code that does exactly what you want and was also > easy to modify has disappeared. > I am sure someone still has the simple code. So that one could > directly test using a simple key where you can encode one block > of input and get one block of output. You would think since this is > the heart of the algorithm and the rest just dressing that it would > be easy to find like it was a few years ago. > Seeing the post of Kristian Gjøsteen really shocked me since > well before the modes where picked the AES contest ended. > If it's so dam poor in ECB mode why the hell did they pick it. > Yes I know it a very short block with a very short key. But you > would think anyone trusting its use should be able to test this > part of the code. > > Also I have not looked at this government joke of a code for > years but the test vectors I remember testing where for many > passes through the basic encryption engine. Are you sure that > its for one block in and one out. Or is it for many times so > that large portions of the encryption engine get somewhat > tested. > If you think AES is any good maybe you should just skip AES and look at a more modern code Vincent Rijmen whose code ended up becoming the AES standard has moved beyond it. Why use AES when his ANUBIS is based on earlier works and most llikely has fixed or improved what he did for AES. My own feelings are that if the US is pushing AES then there most be weaknesses in it. http://www.larc.usp.br/~pbarreto/AnubisPage.html ANUBIS belongs to the same family of block ciphers as the AES winner algorithm, RIJNDAEL The site has a table comparing old AES with his new code. It also has a pointer to his simple C reference code for it. If its any thing like the old reference code that was supplied during the AES contest it likely pretty good. Why use old AES with hard to get test code when you can use his improved ANUBIS code. Just a thought David A. Scott -- My Crypto code http://bijective.dogma.net/crypto/scott19u.zip http://www.jim.com/jamesd/Kong/scott19u.zip old version My Compression code http://bijective.dogma.net/ **TO EMAIL ME drop the roman "five" ** Disclaimer:I am in no way responsible for any of the statements made in the above text. For all I know I might be drugged. As a famous person once said "any cryptograhic system is only as strong as its weakest link"
From: Globemaker on 6 Jul 2010 07:01 On Jul 5, 3:14 pm, Maaartin <grajc...(a)seznam.cz> wrote: > On Jul 5, 8:19 pm, Bruce Stephens <bruce+use...(a)cenderis.demon.co.uk> > wrote: > > > Kristian Gjøsteen <kristiag+n...(a)math.ntnu.no> writes: > > > ECB mode is not secure, so you are asking for an insecure solution. I want to verify that my AES program is compatible with other AES programs. Evidence and tests show it is not compatible. Simple test vectors from NIST use ECB. I am also trying to decrypt with CBC with IV=0. My AES software fails that also, because it rejects 128 input blocks, expecting a 256 bit block. > > > IIUC the request was for a program that would permit ECB in order to > > verify against a test vector. That seems a reasonable request, even if > > you don't want to use ECB. Yes, this is the most basic and simple test. There is no reason to avoid the basic test using ECB. I am doing validation work and all candidaates failed to be validated for the very simple task. TrueCrypt will not accept a key, it required a passphrase. Same for AES Crypt, AxCrypt, Perfect AES. They all fail the simple test vector in ECB and CBC. I will try Mok's C++ source code and gnupg soon. > > Isn't ECB for the first block the same as CBC with IV=0? So you need > no ECB in order to verify the test vector.
From: Kristian Gj�steen on 6 Jul 2010 07:32 Globemaker <alanfolmsbee(a)cabanova.com> wrote: >Yes, this is the most basic and simple test. There is no reason to >avoid the basic test using ECB. I am doing validation work and all >candidaates failed to be validated for the very simple task. Why do you want the software to do something it's not supposed to do? How would that validate the software? If you want to validate the AES implementation in some software, wouldn't a unit test be more appropriate? -- kg
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 Prev: My Cryptography that is Currently on the Joke-of-the-Day site Next: Cryptography Currently on the Table. |