Live Journal about blowfish |

Recent Posts

Best links

Web Hosting Reviews

    • Can AES Encryption be Cracked?

    | Under Live Jounal

    Apart from social engineering exist two ways to break an encryption key like AES, brute force and cryptanalysis. Find out here whether AES encryption can be cracked any time soon, along with the latest AES development and recommendations from IT security evangelist Bruce Schneier.

    Besides social engineering exist two ways to break any encryption key, brute force and cryptanalysis. After the introduction we look at why AES and similar encryption schemes are secure against brute-force attacks using computer power to crack a key. Then you will find the latest development from the studies of AES by means of cryptanalysis. If you are not familiar with encryption it is recommended reading Bright Hub’s article What is AES Encryption? and Types of Encryption.

    Brute Force

    Mathematicians have discovered that any positive integer greater than one can be expressed as the product of its prime factors; the prime decomposition of the number 22 for instance is 2 x 11. There are a number of algorithms for integer factorization, but the difficulty and complexity to find the prime factor increases at the last sub-exponentially with the size of the integer.

    This essentially means that the prime decomposition of large numbers is computationally infeasible with traditional computers. As the strongest encryption algorithms in use today, such as, for instance, Rijndael, which has become the Advanced Encryption Standard (AES), employ large integer factorization, AES in unbreakable – again with the premise of traditional computers in mind.

    A quantum computer operating on qubits instead of bits offer polynomial speed for some computing problems including Integer factorization, so that taking into account Cobham’s thesis we know that the traditional encryption algorithm keys can be feasibly computed. Therefore, when quantum computing gets out of the lab will ciphertext produced by traditional cryptography no longer be secure.

    Cryptanalysis

    The Advanced Encryption Standard can be used with 256-bit keys, immune against Moore’s Law for the years to come. However, cryptanalysts studying the inner working of an algorithm are constantly trying to find a weakness in the encryptions algorithms or to break it. Most “vulnerabilities” are usually of rather theoretical nature, so there is nothing to worry about for an ordinary computer user as the subject is being watched and followed by the IT security community which has been trying to crack publicly documented encryption schemes including AES for years.

    Yet, it was only recently when Bruce Schneier, the inventor of Twofish and Blowfish AES competitors stipulated “that the safety margin of AES is much less than previously believed [1].” Schneier demands that AES implements more round of Rijndael for any key length “and for new applications I suggest that people don’t use AES-256. AES-128 provides more than enough security margin for the foreseeable future


    The Encryption routine

    | Under Live Jounal

    The encryption routine takes two parameters – the file descriptors of input file and the output file to which the encrypted data is to be saved. It is always a good idea to zero-fill your buffers using the memset or bzero commands before using the buffers with data. This is especially important if you plan to reuse the buffers. In the program below, the input data is being encrypted in blocks of 1K each.

    The steps for encryption are as follows :-

    1. Create a cipher context
    2. Initialize the cipher context with the values of Key and IV
    3. Call EVP_EncryptUpdate to encrypt successive blocks of 1k eack
    4. Call EVP_EncryptFinal to encrypt “leftover” data
    5. Finally call EVP_CIPHER_CTX_cleanup to discard all the sensitive information from memory

    You may be wondering what “leftover” data is? As mentioned earlier, Blowfish encrypts information in blocks of 64-bit each. Sometimes we may not have 64 bits to make up a block. This may happen if the buffer size in the program below or the file/input data size is not a integral multiple of 8 bytes(64-bits).So accordingly the data is padded and then the partial block is encrypted using EVP_EncryptFinal. The length of the encoded data block is stored in the variable tlen and added to the final length.

    int
    encrypt (int infd, int outfd)
    {
            unsigned char outbuf[OP_SIZE];
            int olen, tlen, n;
            char inbuff[IP_SIZE];
            EVP_CIPHER_CTX ctx;
            EVP_CIPHER_CTX_init (& ctx);
            EVP_EncryptInit (& ctx, EVP_bf_cbc (), key, iv);
    

            for (;;)
    

              {
    

                     bzero (& inbuff, IP_SIZE);
    

    

                     if ((n = read (infd, inbuff, IP_SIZE)) == -1)
    

                       {
    

                               perror ("read error");
    

                               break;
    

                       }
    

                     else if (n == 0)
    

                             break;
    

    

                     if (EVP_EncryptUpdate (& ctx, outbuf, & olen, inbuff, n) != 1)
    

                       {
    

                               printf ("error in encrypt update\n");
    

                               return 0;
    

                       }
    

    

                     if (EVP_EncryptFinal (& ctx, outbuf + olen, & tlen) != 1)
    

                       {
    

                               printf ("error in encrypt final\n");
    

                               return 0;
    

                       }
    

                     olen += tlen;
    

                     if ((n = write (outfd, outbuf, olen)) == -1)
    

                             perror ("write error");
    

              }
    

            EVP_CIPHER_CTX_cleanup (& ctx);
    

            return 1;
    

    }
    


    


    

 
    


    


    



    





    « Previous Entries
    

    Next Entries »