stackoom
  简体   繁体   中英

How to AES Encrypt in .NET without an IV

 原文  2012-04-24 22:57:33       .net/ asp-classic/ cryptography/ rijndael/ initialization-vector

Question

We have a legacy part of our Classic ASP application that use some code which is supposed to encrypt/decrypt strings with Rijndael (AES). This code was found on the Internet here (Rijndael AES Block Cipher (VB Version)). I already found a question on SO that references this exact library and which ask almost the same thing as me , but I suspect at least one thing that goes wrong (other than adding the length of the data to encrypt at the beginning of the bytes array). The vbScript implementation does not look like to add an IV at all to the data to encrypt. So, I am not able to match the same encryption with RijndaelManaged since it :

  1. automatically generates a different IV every time
  2. absolutely requires an IV

Does someone knows if it is possible to AES encrypt something in .Net without specifiying an IV (empty) ?

3 answers

solution1
 7 ACCPTED  2012-04-25 17:50:11

Both the code you are using and the solution to your problem are completely insecure. First, *YOU SHOULD NOT UNDER ANY CIRCUMSTANCES USE A CRYPTO LIBRARY SOME RANDOM GUY WROTE * Period, end of story. Both windows and .net have trusted, vetted, encryption libraries. They don't have things like timing attack issues, out right backdoors, or just moronic things that would be attempted by no one who knew anything about crypto.

Case in point, the library you mention, appears to only support ECB mode . This is completely insecure and no one who knew what they were doing would do it. Although there are a bunch of reasons for it, the best demonstration fo why not to do it is this :

在此输入图像描述

This is an ecb encrypted picture of the linux penguine. Not very secure is it?

solution2
 2  2012-04-25 19:59:57

No you cannot encrypt anything in CBC mode without an IV. You may however explicitly set the IV to al zero's . As the IV is XOR'ed with the first plain block, setting the IV to all zero's is equivalent to not having an IV.

This is just an answer to your question, you might want to heed all the other security advice given to you so far. You might also want to check if the code is actually using CBC mode encryption that requires an IV.

An IV for CBC mode encryption is always exactly one block in size (16 bytes for AES, but use a getBlockSize() method whenever available.

solution3
 1  2012-04-25 17:59:10

Explicitly set the Mode property of your cipher to ECB .

ECB is unsafe unless the plain texts you are encrypting are short, random, unique strings. It's useful, for example, to encrypt a session key or another cryptographic key.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to encrypt the Key and IV which used in AES Encryption Model in android App Aes encrypt .Net and Js How to securely handle AES “Key” and “IV” values .Net AES encrypt mismatch after decrypt on Java Decrypting AES in SQL with key and IV AES encrypt in .NET and decrypt with Node.js crypto? .Net Encrypt XML stream with AES and 128 bit Initialization vector AES encrypt folder MimeKit encrypt Message with AES How can I use AES to encrypt a single block?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM