4

I am implementing a decryption of ciphertext using Rijndael's algorithm. Unfortunately, I have not got access to the encryption of the data and have only been provided with a password (to generate the key with) and the type of algorithm.

I do not have a salt (which seems to be ok), and I do not have the IV. Now, my question is whether I absolutely have to have the IV in order to perform decryption? I suspect the developers who wrote the encryption made no use of salt, or IV (if this is even possible).

I have tried to set the IV to null, with no luck, and generating a Rijndael instance creates a default IV, and this is distorting the first 16 characters of my plaintext after decryption.

Is there any way to negate the effect of the IV? Or do a need to try and get hold of what IV was used in the encryption?

Nathan Boshoff
  • 43
  • 1
  • 4
  • Perhaps the first 16 characters of your cipher *are* the IV? – President James K. Polk Sep 05 '11 at 13:29
  • @GregS I don't think so in this case. The first 16 characters are just rubbish, and they replace what should be the first 16 characters of my plaintext. The characters from char 17 onwards are correctly decrypted in the correct position. – Nathan Boshoff Sep 05 '11 at 13:52
  • 2
    another possibility is the IV is always zero. This sometimes happens when folks who aren't sure about crypto security considerations implement it. Also, some implementations have the as a default an IV of all zeros. In this case I'd try an IV of 16 zeros (binary, not ASCII). – President James K. Polk Sep 05 '11 at 15:02
  • 2
    Yep, that is exactly what happened. Having contacted them, they informed me that the IV is generated with zeros. Thanks for the input! For anyone interested, this is the code to fill the IV with zeros: `myRijndael.IV = new byte[myRijndael.IV.Length];` – Nathan Boshoff Sep 06 '11 at 08:31

3 Answers3

3

If the cipher has been used to encrypt in CBC mode (which is the default) then you have to know the IV, there's no way around it.

However, since the purpose of the IV is not the same as the purpose of the password, sometimes you find the IV prepended to the encrypted data (so that the recipient can easily grab it to use when decrypting).

Jon
  • 428,835
  • 81
  • 738
  • 806
3

You can use the ECB mode and it will ignore the IV. You need an IV for other modes like CBC, though.

123
  • 5,666
  • 7
  • 25
  • 30
  • ECB mode is not secure. CTR mode is secure and does not need an IV, though you will need the nonce used to encrypt. – rossum Sep 05 '11 at 13:43
1

If it was encrypted with an IV, then yes, you will need the IV in order to correctly decrypt.

From your description about the first 16 characters, it sounds like you're working in CBC mode. See the diagram here for why you'll need the IV: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29.

Oliver Charlesworth
  • 267,707
  • 33
  • 569
  • 680
  • @Henk: No, the IV only affects the first block. The equivalent of the IV for the second block is the cyphertext of the first block. – rossum Sep 05 '11 at 13:45
  • @Oli Thanks for the link. They'd made it much clearer as to what the IV is actually doing. – Nathan Boshoff Sep 05 '11 at 13:53