获取密钥流-Java解密

Question

I am using Java's Cipher class for decryption.

Couple of questions:

1. Using DES decryption with OFB, for a multi-part decryption, is it possible to generate keystream in the first iteration but not use that keystream for the XORing but still feed the keystream into the next block cipher?

My code is (briefly) as follows:

desCipher = Cipher.getInstance("DES/OFB56/NoPadding");
desCipher.init(Cipher.DECRYPT_MODE, secretKey, ivParameter);
for (i=0;i<subframeCount;i++){
// perform the skip iteration here
  if (firstFrame){
      byte[] dummy = new byte[7];
      dummy[0] = 1;dummy[1] = 12;dummy[2] = 12;dummy[3] = 15;dummy[4] = 26;dummy[5] = 12;dummy[6] = 12;
      desCipher.update(dummy);
  }
  if (not_last_frame){
      decryptedVCW = desCipher.update(vcwShift_E);
  }
  else{
      decryptedVCW = desCipher.doFinal(vcwShift_E);
  }

}

I am not sure if it is indeed skipping the XORing in the update(dummy) operation and then using the keystream for the next block cipher.

2. Is it possible to retrieve the keystream for each operation? It would be good to see what is exactly being generated.

Thanks Shiv

Answer 1

1. Yes, that's how OFB works: the output from the encryption (the keystream) is fed directly as input to the next block, so the XOR-ing part is independent from the encryption engine, just like a stream cipher.

2. Another way of getting the keystream than XOR-ing with the plaintext, is to XOR (or invoke update()/doFinal() ) with only zeroes, you will get the actual keystream. Just in case you want to see what the keystream looks like. But your way will obviously work as well, I am just adding this for sake of completeness.

Answer 2

I found out that the first iteration is indeed skipping the XORing stage.

The keystream can be found by XORing the plain text with the decryptedVCW (which should have been obvious to me)