8 byte key for 3DES

T

tshad

I am trying to use 3DES to encrypt my keys and am using VS 2003.

I am trying to pass a value like: mCJ4@L2= where the value is 8 bytes long.

I was told that you need a 16 byte key. But this seems to be working. I
don't want to change it if I don't have to as I already have encrypted some
of my data.

I pass it in the line:

Dim pdb As New Security.Cryptography.PasswordDeriveBytes(key,New Byte(-1)
{})

I don't get an error but I want to make sure this isn't going to cause me a
problem later.

*****************************************************
Public Shared Function TripleDESEncode(ByVal value As String, ByVal
key As String) As String
Dim des As New
Security.Cryptography.TripleDESCryptoServiceProvider
des.IV = New Byte(7) {}
Dim pdb As New Security.Cryptography.PasswordDeriveBytes(key,
New Byte(-1) {})
des.Key = pdb.CryptDeriveKey("TripleDES", "MD5", 168, New
Byte(7) {})
Dim ms As New IO.MemoryStream((value.Length * 2) - 1)
Dim encStream As New Security.Cryptography.CryptoStream(ms,
des.CreateEncryptor(), Security.Cryptography.CryptoStreamMode.Write)
Dim plainBytes As Byte() = Text.Encoding.UTF8.GetBytes(value)
encStream.Write(plainBytes, 0, plainBytes.Length)
encStream.FlushFinalBlock()
Dim encryptedBytes(CInt(ms.Length - 1)) As Byte
ms.Position = 0
ms.Read(encryptedBytes, 0, CInt(ms.Length))
encStream.Close()
Return Convert.ToBase64String(encryptedBytes)
End Function
*************************************************************

Thanks,

Tom
 
T

tshad

Mark Rae said:
Who told you that...? Not me, certainly!

Your key can be pretty much any length...
Click to expand...
No, it wasn't you. I saw somewhere that for 3DES the key length was
supposed to be 16 or more.

Also, I did a test on that MD5/SHA1 problem and apparently the line:

des.Key = pdb.CryptDeriveKey("TripleDES", "MD5", 168, New Byte(7) {})

will give me the same results as:

des.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 168, New Byte(7) {}).

I used the first one to encrypt my string and then the 2nd one to decrypt it
and got the correct result.

I assume that there is a bug in the CryptDeriveKey function.

Thanks,

Tom
 
M

Mark Rae

No, it wasn't you. I saw somewhere that for 3DES the key length was
supposed to be 16 or more.
Click to expand...

Well, I always use a 16-byte (i.e. 128-bit) key, but I don't believe it's
compulsory...
I assume that there is a bug in the CryptDeriveKey function.
Click to expand...

Hmm - I don't know enough about it to comment, sorry...

However, at least you have a viable encryption solution now... :)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

3DES confusion 1
Security - 3DES and RC2 0
Hash seems incorrect in RC2 0
save uploaded image thumbnail to sql db image field 1
encrypt a string and write it out to a file 1
Update element value ViewWeb2 .net Control 1
Facing exception: Invalid byte 2 of 4-byte UTF-8 sequence. 6
XML-Parsing with UTF-8 Byte-Order-Mark (BOM) 0

Members online

Total: 18 (members: 1, guests: 17)
Robots: 343

Forum statistics

Threads
473,755
Messages
2,569,536
Members
45,015
Latest member
AmbrosePal

Latest Threads

Top