[AG-DEV] Vic and Rat Encryption
Colin Perkins
csp at csperkins.org
Mon Jul 11 10:48:42 CDT 2005
On 11 Jul 2005, at 16:14, Andrew Rowley wrote:
> I was using vic and rat from the command line and forcing DES
> encryption.
> It turns out that I needed to generate the key differently and just
> use
> DES/CBC/NoPadding to do this.
>
> Doing some further experiments, unless I am doing this wrong, it
> would seem
> that the DES encryption in vic and rat is broken. I downloaded the
> source
> code and then modified it as follows:
>
> When rat initialises the des encryption, I output the 8-byte key to
> a file.
> I then generate an array of bytes consisting of the numbers 0-63 in
> order.
> I then encrypt this and output this to a file.
>
> I then take the same key and the initialisation vector of 0s and
> run openssl
> in des-cbc mode with the same key and iv on the same input. This
> gives a
> completely different output to that given by rat. The openssl
> output is the
> same output as is given by the Java encryption using DES/CBC/
> NoPadding.
Which version of rat is this - did you test with the version from the
UCL CVS?
Can you send your test routines to illustrate the problem? I'm not
aware of any problems with the DES code in rat, although there were
issues with the AES code that I fixed relatively recently.
Colin
More information about the ag-dev
mailing list