[AG-DEV] Vic and Rat Encryption

Andrew Rowley Andrew.Rowley at manchester.ac.uk
Mon Jul 11 10:14:09 CDT 2005 

Hi,

I was using vic and rat from the command line and forcing DES encryption.
It turns out that I needed to generate the key differently and just use
DES/CBC/NoPadding to do this.

Doing some further experiments, unless I am doing this wrong, it would seem
that the DES encryption in vic and rat is broken.  I downloaded the source
code and then modified it as follows: 

When rat initialises the des encryption, I output the 8-byte key to a file.
I then generate an array of bytes consisting of the numbers 0-63 in order.
I then encrypt this and output this to a file.

I then take the same key and the initialisation vector of 0s and run openssl
in des-cbc mode with the same key and iv on the same input.  This gives a
completely different output to that given by rat.  The openssl output is the
same output as is given by the Java encryption using DES/CBC/NoPadding.

I thought I heard that vic and rat were to use the openssl library at some
point.  Does anyone know if this is going to happen?

Andrew :)

============================================
Access Grid Support Centre,
RSS Group,
Manchester Computing,
Kilburn Building,
University of Manchester,
Oxford Road,
Manchester, 
M13 9PL, 
UK
Tel: +44(0)161-275 0685
Email: Andrew.Rowley at manchester.ac.uk 

> -----Original Message-----
> From: Rhys Hawkins [mailto:Rhys.Hawkins at anu.edu.au]
> Sent: 11 July 2005 02:08
> To: Andrew Rowley
> Cc: ag-dev at mcs.anl.gov
> Subject: Re: [AG-DEV] Vic and Rat Encryption
> 
> Hi Andrew,
> 
> I believe encrypted venues now use Rijndael in preference to DES, this
> might be your problem.
> 
> Cheers,
>     Rhys
> 
> On Fri, 2005-07-08 at 17:01 +0100, Andrew Rowley wrote:
> > Hi,
> >
> > Does anyone have any information on how the encryption is done in Vic
> and
> > Rat?
> >
> > I have been trying to decode this using Java Crypto using a
> PBEWithMD5AndDES
> > algorithm which provides a secret key generated from a password and DES-
> CBS
> > encryption with PKCS5 Padding.  I am using 0s to initialise this as per
> RFC
> > 3550 and using one iteration of the all-0 salt.
> >
> > This does not appear to work with vic or rat (the unencrypted packets
> work
> > fine).  Can anyone tell me what the vic and rat algorithm for encryption
> is?
> >
> > Thanks,
> >
> > Andrew :)
> >
> > ============================================
> > Access Grid Support Centre,
> > RSS Group,
> > Manchester Computing,
> > Kilburn Building,
> > University of Manchester,
> > Oxford Road,
> > Manchester,
> > M13 9PL,
> > UK
> > Tel: +44(0)161-275 0685
> > Email: Andrew.Rowley at manchester.ac.uk
>

More information about the ag-dev mailing list