0

It doesn't matter how I exactly encrypt and decode files. I operate with file as a char massive, everything is almost fine, until I get file, which size is not divide to 8 bytes. Because I can encrypt and decode file each round 8 bytes, because of particular qualities of algorithm (size of block must be 64 bit).

So then, for example, I face .jpg and tried simply add spaces to end of file, result file can't be opened ( ofc. with .txt files nothing bad happen).

Is any way out here?

If you want information about algorithm http://en.wikipedia.org/wiki/GOST_(block_cipher).

UPD: I can't store how many bytes was added, because initial file can be deleted or moved. And, what we are suppose to do then we know only key and have encrypted file.

Rocketq
  • 5,423
  • 23
  • 75
  • 126

1 Answers1

1

Do you need padding. The best way to do this would be to use PKCS#7.

However GOST is not so good, better using AES-CBC. There is an ongoing similar discussion in "python-channel".

Community
  • 1
  • 1
smeso
  • 4,165
  • 18
  • 27
  • 1
    Care to elaborate on "better using AES-CBC"? [Wikipedia](http://en.wikipedia.org/wiki/GOST_(block_cipher)) has the following statement (not sure if it's correct): As of December 2012 the best known attack on GOST (2^{101}) is on par with the best known attack (2^{100}, based on another weakness noted by Nicolas Courtois) on widely used Advanced Encryption Standard. – Bobrovsky Dec 11 '13 at 05:11
  • Just to quote Wikipedia: "There is not much published cryptanalysis of GOST, but a cursory glance says that it seems secure." and "It has been even called "a deeply flawed cipher" by Nicolas Courtois." Cryptography is a really tricky field, AES is the most analyzed algorithm that we have today, and still some people do not trust it completely. How do you could trust something which has not been fully analized? – smeso Dec 11 '13 at 11:03
  • Also if your read completely the article that you have linked you will find some other reason why it is not "so good". – smeso Dec 11 '13 at 11:10
  • Thank you. I am sure that GOST is fully analyzed by a number of cryptography specialists (that is why it's a _ST_andard), though. – Bobrovsky Dec 11 '13 at 13:00
  • DES and MD4 were standard too. – smeso Dec 11 '13 at 13:07
  • Are you trying to say that DES and MD4 were not analyzed by cryptography specialists? :-) Or you are trying to say that GOST is _known_ to be less secure than AES? – Bobrovsky Dec 11 '13 at 15:25
  • I'm saying that the simple fact that a given algorithm has been analyzed doesn't mean that it is secure. AES has been analyzed _really_ deeply, much more than GOST. So if it was "broken" it had much more chances to be uncovered than GOST. The simple fact that there is no good know attack against it right now could simply mean that the international interest on GOST is poor. So, if you don't have any particular (political?) reason to use GOST instead of AES, you should not do it, also because AES will be faster. – smeso Dec 11 '13 at 17:33