0

I encrypted a text in AES with the code below and decrypt the Ciphertext with Online decryption websites (Website 1, Website 2). But, the decrypted text from all websites contains some unwanted strings in front as shown in this picture.

import base64
import hashlib
from Crypto import Random
from Crypto.Cipher import AES

key = b'asdfghjklqwertyu'

class AESCipher(object):

    def __init__(self, key): 
        self.bs = AES.block_size
        self.key = key

    def encrypt(self, raw):
        raw = self._pad(raw)
        iv = Random.new().read(AES.block_size)
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return base64.b64encode(iv + cipher.encrypt(raw.encode()))

    def _pad(self, s):
        return s + (self.bs - len(s) % self.bs) * chr(self.bs - len(s) % self.bs)

a = AESCipher(key)
print(a.encrypt('Hey There!'))
Hemantapkh
  • 13
  • 1
  • 6

1 Answers1

3

The devlan site explains

CBC mode is highly recommended and it requires IV to make each message unique. If no IV is entered then default will be used here for CBC mode and that defaults to a zero based byte[16].

So your prepended IV is considered as a ciphertext block. Now, you have two blocks there. In the CBC mode, the decryption is performed as ( blocks are counted form 1);

Pi = Dec(key, Ci) + Ci
C0 = IV
  • your P1 = Dec(key, C1) + C0 and this is garbage since the IV = 0
  • your P2 = Dec(key, C2) + C1 and this is your original message.

This works due to the property of the CBC mode and the below diagram shows the case;

enter image description here

It is nice you tested there and there. You should read all documentation of a program before use, and this is more critical in Cryptographic applications.

Your prepending the IV is correct and nothing was wrong there, you just need to supply your IV to the site and just the ciphertext blocks.

If you need to decrypt the text without the IV, set the iv to default while encrypting.

class AESCipher(object):

    def __init__(self, key): 
        self.bs = AES.block_size
        self.key = key

    def encrypt(self, raw):
        raw = self._pad(raw)
        iv = b'\0'*16 #Default zero based bytes[16]
        cipher = AES.new(self.key, AES.MODE_CBC, iv)
        return base64.b64encode(cipher.encrypt(raw.encode()))

    def _pad(self, s):
        return s + (self.bs - len(s) % self.bs) * chr(self.bs - len(s) % self.bs)
Hemantapkh
  • 13
  • 1
  • 6
kelalaka
  • 5,064
  • 5
  • 27
  • 44
  • Thanks! After setting the IV to default with zero-based bytes[16], it worked without passing the IV on the site which I needed. I have submitted an edit adding the code with the default IV. – Hemantapkh Nov 08 '20 at 09:49
  • 1
    Note that that is actually not the correct way. You should separate your IV and ciphertext for testing with the site. In the normal CBC, the zero IV is used with CBC-MAC, othwise the CBC IV must be unpredictable see the notes under [this answer](https://stackoverflow.com/a/64697977/1820553) – kelalaka Nov 08 '20 at 09:55
  • 1
    Thank you. In my case i don't want the IV to be unpredictable. – Hemantapkh Nov 08 '20 at 10:01