3

When encryption is done using the AES-CBC algorithm, the encryption can be thought of as chaining the cipher texts with the previous ones and an IV. However, if it's in CBC mode, we give our cipher text forward diffusive properties (i.e. if we change bit i in our cipher, the plaintext is changed for all blocks after that). To make malleability attacks harder, one can chain the cipher texts during encryption in both directions (or implement something similar to what is in the BitLocker paper).

Does anyone know if there is an implementation of pyCrypto that provides chaining of the cipher texts in both directions?

One way that I thought of solving this was getting the original cipher text, reversing it using Python and then feeding it to pyCrypto. However, this seemed a little brute force because the whole point of pyCrypto is to take advantage of their C level implementation (while reversing a string would introduce an obvious unfortunate performance hit).

4

1 Answer

0

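No, as far as I know there is no mode in pyCrypto that does this. This strong diffusion of the plaintext after an error in the ciphertext is called error propagation. Nowadays, error propagation is no longer considered important. If you want to provide integrity of the plaintext, you can add a MAC (e.g. HMAC) over the ciphertext, or use an authenticated cipher (which basically provides integrity on top of confidentiality). Unfortunately, I don't see any authenticated cipher modes in pyCrypto.

answered 2015-10-02T10:34:47.567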
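
The MAC-over-ciphertext approach suggested in the answer above, sketched as an added example (not code from the answer or from pyCrypto): it frames the output of an AES-CBC encryption as `iv || ciphertext || HMAC-SHA256` and refuses tampered messages before any decryption happens. The function names are hypothetical, the AES-CBC step itself is left to pyCrypto, and the sample IV and ciphertext are constructed random bytes standing in for its output; the MAC key is assumed to be independent of the AES key.

```python
import hashlib
import hmac
import os

BLOCK = 16    # AES block size, also the CBC IV length
TAG_LEN = 32  # HMAC-SHA256 output length


class IntegrityError(Exception):
    """Tag check failed; the caller must not decrypt."""


def seal(mac_key, iv, ciphertext):
    """Encrypt-then-MAC framing: return iv || ciphertext || tag."""
    if len(iv) != BLOCK or not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("expected a 16-byte IV and whole CBC blocks")
    # The tag covers the IV too: in CBC, flipping an IV bit flips the
    # same bit of the first plaintext block.
    tag = hmac.new(mac_key, iv + ciphertext, hashlib.sha256).digest()
    return iv + ciphertext + tag


def open_sealed(mac_key, blob):
    """Verify the tag, then return (iv, ciphertext) for CBC decryption."""
    if len(blob) < 2 * BLOCK + TAG_LEN or (len(blob) - TAG_LEN) % BLOCK:
        raise IntegrityError("malformed message")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # Constant-time comparison, so timing does not reveal how many
    # leading tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise IntegrityError("tag mismatch")
    return body[:BLOCK], body[BLOCK:]


def flip_bit(data, index, mask=0x01):
    """Return a copy of data with one bit changed (simulated tampering)."""
    out = bytearray(data)
    out[index] ^= mask
    return bytes(out)


def is_accepted(mac_key, blob):
    """True if the message verifies, False if it is rejected."""
    try:
        open_sealed(mac_key, blob)
        return True
    except IntegrityError:
        return False


if __name__ == "__main__":
    mac_key = os.urandom(32)                 # separate from the AES key
    iv, ct = os.urandom(16), os.urandom(48)  # constructed stand-in for CBC output
    blob = seal(mac_key, iv, ct)
    print(is_accepted(mac_key, blob), is_accepted(mac_key, flip_bit(blob, 20)))
```
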