I’ve got an oddity with the AES block cipher. There are (seemingly
random) artifact bytes that block fill a block passed through the
encryption algorith. For instance, starting with “23” this gets
transformed to
“23\016\016\016\016\016\016\016\016\016\016\016\016\016\016”
The question is, how to reversibly perform the cipher without the
artifacts?
Here is a test program that shows the problem:
#!/usr/bin/env ruby
require ‘rubygems’
require ‘ruby-aes’
class CipherTest
KEY_LENGTH = 256.freeze
MODE = ‘CBC’.freeze
def initialize(block_secret, iv_secret)
@block_secret = block_secret
@iv_secret = iv_secret
end
def aes_encrypt(value)
return Aes.encrypt_buffer(KEY_LENGTH, MODE, @block_secret,
@iv_secret, value)
end
def aes_decrypt(v)
Aes.decrypt_block(KEY_LENGTH, MODE, @block_secret, @iv_secret, v)
end
end
if FILE == $0
seeker = CipherTest.new(“djkfljkljfakljgfakfkajflakjfdfhs”,
“0987654321ABCDEF01234567890ABCDE”)
testval = “23”
encrypted = seeker.aes_encrypt(testval)
p encrypted
decrypted = seeker.aes_decrypt(encrypted)
p decrypted
if decrypted == testval
puts ‘they match, encryption is reversible’
else
puts ‘they differ!’
end
end
ruby-aes is the optimized version from rubyforge
(http://rubyforge.org/frs/download.php/30186/ruby-aes-optimized-1.1.gem)
Thanks,
Jonathan G.
Hi,
Am 06.07.2010 11:21, schrieb Jonathan G.:
I’ve got an oddity with the AES block cipher. There are (seemingly
random) artifact bytes that block fill a block passed through the
encryption algorith. For instance, starting with “23” this gets
transformed to
“23\016\016\016\016\016\016\016\016\016\016\016\016\016\016”
The question is, how to reversibly perform the cipher without the
artifacts?
like you said, you use a BLOCK cipher. So the cipher will pad any data
to match its block size. In your case the block size is 32 byte big (
256 bit key size / 8 ).
Here is a test program that shows the problem:
[snip]
def aes_encrypt(value)
return Aes.encrypt_buffer(KEY_LENGTH, MODE, @block_secret,
@iv_secret, value)
end
def aes_decrypt(v)
Aes.decrypt_block(KEY_LENGTH, MODE, @block_secret, @iv_secret, v)
end
end
[snip]
You use encrypt_BUFFER to encrypt, but decrypt_BLOCK to decrypt. They
are not symmetric. Aes.decrypt_block is a lower level method than
decrypt_buffer. I don’t know the API, but I guess there should be a
decrypt_buffer, which removes the padding.
Waldemar Dick
On Tue, Jul 06, 2010 at 07:04:58PM +0900, Waldemar Dick wrote:
You use encrypt_BUFFER to encrypt, but decrypt_BLOCK to decrypt. They
are not symmetric. Aes.decrypt_block is a lower level method than
decrypt_buffer. I don’t know the API, but I guess there should be a
decrypt_buffer, which removes the padding.
Thank you. Changing to descrypt_buffer fixed things, and saved me from
writing my own padding routine. Can’t explain why I did things that
way earlier either, it was a few months ago 
Cheers,
Jonathan