AES encryption doubts about array sizes

Discussion in 'Java' started by jimgardener, Dec 2, 2008.

  1. jimgardener

    jimgardener Guest

    hi,
    i was learning to do AES encryption using inlineIVs .I used an input
    byte[] of 16X3 bytes, secretkey from a byte[] of 24 bytes and an iv
    byte[] of 16 bytes.

    <code snippet>

    byte[]input = new byte[] {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,0x08, 0x09, 0x0a, 0x0b,
    0x0c, 0x0d, 0x0e, 0x0f,0x0f, 0x00, 0x03, 0x09, 0x0d, 0x04, 0x05, 0x02,
    0x06,0x01, 0x07,0x08, 0x0a, 0x0b, 0x0c, 0x0e, 0x00, 0x01, 0x02, 0x03,
    0x04, 0x05, 0x06, 0x07 ,0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
    0x0f};

    byte[] ivBytes=new byte[]{
    0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,0x08, 0x09, 0x0a, 0x0b,
    0x0c, 0x0d, 0x0e, 0x0f };

    byte[]keyBytes = new byte[] {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };

    SecretKeySpec key=new SecretKeySpec(keyBytes,"AES");
    IvParameterSpec ivSpec=new IvParameterSpec(new byte[16]);
    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
    cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
    byte[] cipherText=new byte[cipher.getOutputSize(ivBytes.length
    +input.length)];
    int ctLength=cipher.update(ivBytes,0,ivBytes.length,cipherText,0);
    System.out.println("encryption::ctLength="+ctLength);
    ctLength+=cipher.update(input,0,input.length,cipherText,ctLength);
    debug("encryption::ctLength="+ctLength);
    ctLength+=cipher.doFinal(cipherText,ctLength);
    debug("encryption::ctLength="+ctLength);

    <code snippet/>
    when i ran this code ,i get these values for the number of bytes
    stored in the input after each update() call

    encryption::ctLength=0
    encryption::ctLength=48
    encryption::ctLength=80

    Why is the number of bytes stored in the output 0 after the first
    update call?shouldn't it be equal to the size of iv?

    also,I tried the decryption ,

    <code snippet>
    cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
    byte[] decryptBuf=new byte[cipher.getOutputSize(ctLength)];
    int bufLength=cipher.update(cipherText,0,cipherText.length,decryptBuf,
    0);
    debug("decryption:: bufLength="+bufLength);
    bufLength+=cipher.doFinal(decryptBuf,bufLength);
    debug("decryption:: bufLength="+bufLength);
    //need to remove the iv from output plaintext
    byte[] plainText=new byte[bufLength-ivBytes.length];
    System.arraycopy
    (decryptBuf, ivBytes.length,plainText,0,plainText.length);

    <code snippet/>

    here i get ,
    decryption:: bufLength=64
    decryption:: bufLength=64

    shouldn't these be 48 instead?
    If someone can explain how these numbers occur..it wd help me a lot.I
    am a beginner in this topic.
    thanks
    jim
    jimgardener, Dec 2, 2008
    #1
    1. Advertising

  2. jimgardener

    Roedy Green Guest

    On Tue, 2 Dec 2008 08:18:15 -0800 (PST), jimgardener
    <> wrote, quoted or indirectly quoted someone who
    said :

    >hi,


    Encryption seems to like padding your messages in subtle ways. A
    brute force way to deal with the problem is to put the length of your
    message on the front so it gets encrypted too and only use that many
    bytes of the result.
    --
    Roedy Green Canadian Mind Products
    http://mindprod.com
    "Humanity is conducting an unintended, uncontrolled, globally pervasive experiment
    whose ultimate consequences could be second only to global nuclear war."
    ~ Environment Canada (The Canadian equivalent of the EPA on global warming)
    Roedy Green, Dec 2, 2008
    #2
    1. Advertising

  3. jimgardener

    Arne Vajhøj Guest

    jimgardener wrote:
    > i was learning to do AES encryption using inlineIVs .I used an input
    > byte[] of 16X3 bytes, secretkey from a byte[] of 24 bytes and an iv
    > byte[] of 16 bytes.
    >
    > <code snippet>
    >
    > byte[]input = new byte[] {
    > 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,0x08, 0x09, 0x0a, 0x0b,
    > 0x0c, 0x0d, 0x0e, 0x0f,0x0f, 0x00, 0x03, 0x09, 0x0d, 0x04, 0x05, 0x02,
    > 0x06,0x01, 0x07,0x08, 0x0a, 0x0b, 0x0c, 0x0e, 0x00, 0x01, 0x02, 0x03,
    > 0x04, 0x05, 0x06, 0x07 ,0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e,
    > 0x0f};
    >
    > byte[] ivBytes=new byte[]{
    > 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,0x08, 0x09, 0x0a, 0x0b,
    > 0x0c, 0x0d, 0x0e, 0x0f };
    >
    > byte[]keyBytes = new byte[] {
    > 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    > 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    > 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 };
    >
    > SecretKeySpec key=new SecretKeySpec(keyBytes,"AES");
    > IvParameterSpec ivSpec=new IvParameterSpec(new byte[16]);
    > Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
    > cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
    > byte[] cipherText=new byte[cipher.getOutputSize(ivBytes.length
    > +input.length)];
    > int ctLength=cipher.update(ivBytes,0,ivBytes.length,cipherText,0);
    > System.out.println("encryption::ctLength="+ctLength);
    > ctLength+=cipher.update(input,0,input.length,cipherText,ctLength);
    > debug("encryption::ctLength="+ctLength);
    > ctLength+=cipher.doFinal(cipherText,ctLength);
    > debug("encryption::ctLength="+ctLength);
    >
    > <code snippet/>
    > when i ran this code ,i get these values for the number of bytes
    > stored in the input after each update() call
    >
    > encryption::ctLength=0
    > encryption::ctLength=48
    > encryption::ctLength=80
    >
    > Why is the number of bytes stored in the output 0 after the first
    > update call?shouldn't it be equal to the size of iv?


    It apparently does some buffering.

    The API works according to specs - you should not worry
    about the implementation.

    > also,I tried the decryption ,
    >
    > <code snippet>
    > cipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
    > byte[] decryptBuf=new byte[cipher.getOutputSize(ctLength)];
    > int bufLength=cipher.update(cipherText,0,cipherText.length,decryptBuf,
    > 0);
    > debug("decryption:: bufLength="+bufLength);
    > bufLength+=cipher.doFinal(decryptBuf,bufLength);
    > debug("decryption:: bufLength="+bufLength);
    > //need to remove the iv from output plaintext
    > byte[] plainText=new byte[bufLength-ivBytes.length];
    > System.arraycopy
    > (decryptBuf, ivBytes.length,plainText,0,plainText.length);
    >
    > <code snippet/>
    >
    > here i get ,
    > decryption:: bufLength=64
    > decryption:: bufLength=64
    >
    > shouldn't these be 48 instead?


    No. You encrypted 64 bytes (16 iv + 48 input) so it is
    correct.

    Arne
    Arne Vajhøj, Dec 3, 2008
    #3
  4. jimgardener

    Arne Vajhøj Guest

    Roedy Green wrote:
    > On Tue, 2 Dec 2008 08:18:15 -0800 (PST), jimgardener
    > <> wrote, quoted or indirectly quoted someone who
    > said :
    >> hi,

    >
    > Encryption seems to like padding your messages in subtle ways. A
    > brute force way to deal with the problem is to put the length of your
    > message on the front so it gets encrypted too and only use that many
    > bytes of the result.


    Nonsense.

    The Java Cipher code is perfectly capable of adding and removing
    padding.

    Arne
    Arne Vajhøj, Dec 3, 2008
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Lars J.
    Replies:
    0
    Views:
    476
    Lars J.
    Jul 31, 2005
  2. Chris Curvey

    modes for AES encryption?

    Chris Curvey, Mar 24, 2005, in forum: Python
    Replies:
    1
    Views:
    373
    Chris Curvey
    Mar 29, 2005
  3. Tuvas

    AES encryption

    Tuvas, Mar 7, 2006, in forum: Python
    Replies:
    5
    Views:
    408
    Bryan Olson
    Mar 11, 2006
  4. Meszaros, Stacy

    AES Encryption of byte array

    Meszaros, Stacy, Mar 1, 2011, in forum: Python
    Replies:
    0
    Views:
    200
    Meszaros, Stacy
    Mar 1, 2011
  5. Nate Wiger

    New AES gem available -- fast-aes

    Nate Wiger, Jan 20, 2010, in forum: Ruby
    Replies:
    3
    Views:
    193
    Pål Bergström
    Jul 1, 2010
Loading...

Share This Page