I have a problem with string decryption. I think this is some kind of base64 encoding, but i'm not sure.
Source: 80009861
Result: wEpISZVq4gLkLSFdOxG3qQ==
I need your help with understanding this algorithm of encryption.
Related
a question:
A parcel service provider requests that the password is encoded in a specific way:
KEY -> UTF8 Encoding -> SHA512
They KEY should be in byte form, not string
currently I have this in Node.js with CryptoJS:
password = CryptoJS.SHA512(CryptoJS.enc.Utf8.parse(key))
or
password = CryptoJS.SHA512(CryptoJS.enc.Utf8.stringify(key))
Don't know which one is the right one.
I need to convert the key to bytes, how do I do that?
Keys are arbitrary sequences of bytes, and SHA-512 works on arbitrary sequences of bytes. However, UTF-8 can't encode arbitrary sequences of bytes. It can only encode Unicode code points. What you're asking for isn't possible. (I suggest posting precisely what the requirement is. It's possible you're misreading it.)
You need another encoding, such as Base64 or Hex. The output of either of those is compatible with UTF-8 (they both output subsets of UTF-8).
That said, this is a very strange request, since you already have exactly the correct input for SHA-512. Converting it to a string and then converting that string back to (likely different) bytes seems a pointless step, but if you need it, you'll need a byte encoding like Base64 or Hex.
I thought this is base64 encoding so i try to decode it in that way but it seems this is not base64 encoding. I want to decode this.
O7hrHYO5UUFHFPVILQPc6A==:hEnb3PVrxgHbEL1VT+cu8ic4ocIOfoaWkJ2b2MCrVy4=:jXB0R2OctZ6i1K3s2DlLNS5D/PSdhzKM7GX7gVh6AvXbWrA5i/4j3maFlgk1X2BpmOXYoZab2hAJS4lCBtWi6WnE3zDLhBvWJWFyAN93fIvS66PXJiINmaEhKi8mBIjc
I am learning about reverse eng. and i got this file. This is simple quiz app. (android) in database file it has question with above encoding string. I put here first one. There are many more questions like this.
The colon character : cannot appear in base64 output, and also = can only appear at the end of base64 output, so this string seems to be composed of 3 parts, each individually encoded in base64:
O7hrHYO5UUFHFPVILQPc6A==
hEnb3PVrxgHbEL1VT+cu8ic4ocIOfoaWkJ2b2MCrVy4=
jXB0R2OctZ6i1K3s2DlLNS5D/PSdhzKM7GX7gVh6AvXbWrA5i/4j3maFlgk1X2BpmOXYoZab2hAJS4lCBtWi6WnE3zDLhBvWJWFyAN93fIvS66PXJiINmaEhKi8mBIjc
These don't decode to anything meaningful in base64, so my guess is some encryption scheme has been applied. After decoding, the lengths of these are all multiple of 16 bytes, which hints at a block cipher with blocks of 16 bytes (128 bits).
I have an 10 digit number and its encrypted output. The only thing I want to know that how this string is encrypted. Following are two given examples of it:
(a) original number: 1109010010
encrypted: 18E10B82029A046BEE09D86E31951E7BD67BD3619281BAF2C2661C183C7FC960EE52FAE640DA86BEA497364289E2156A543B7F18C333A025B2109AF6815151D65AEE68943A1D51DD42F425CFF752AA7FE60248F2D7680A939C592DEDF65D4053
(b) original number: 1009010096
encrypted: 19E2003A6B3DFB35CE3E9A51A70F16DBD491C749F0C75634D03F077F68726E5995B1216AC6776172E1B610D75211F0AC788575154B8C25DB460F6A13785B392164DDEF151971D31C5A5B3C0F07995B78410FC33CB94DADF339D4BD9F9E11E7F0
Please help me..
It's a property of (decent) encryption algorithms that their output is indistinguishable from random, so there's no way to tell for sure.
For all you know, the number could have have been padded with a few zeros, and then encrypted using AES. Or that could be RSA. Or some dude's homegrown algorithm.
Why do you need to know this? Maybe there's another way we could help.
If we have a source string and encrypted string, can we find out algorithm/forumla used in encrypting that source string?
EDIT
Here are a couple of such strings.
string, encrypted string
avtacarguy,c0e54a662e8d7adbf26e2515dcb2bfde
burris212,0c9fe74ce3abb1507108dba1f04497e5
directert,96336189003e59a2d4a3fdbb2cf02707
In general, no. There can be numerous algorithms that turn the source string into the encrypted string, based on what public and/or private keys are used.
In simple cases, such as the Caesar cipher it may be possible to figure out how it was done but even then you've only provided a 'most likely' explanation as to what encryption algorithm was used.
Technically (mathematically) speaking, no. Several encryption schemes could yield the same crypto text for some particular input.
If you had had the encryption key, you could of course try out all popular encryption schemes and see if you got some exact match in which case you could be pretty sure you found the algorithm.
I am beginnging to wonder if the implementation of AES is different across libraries..
Currently i have a plaintext encrypted with PyCrypto.
Im trying to decrypt the ciphertext with Node.js's Crypto Library..
Basically with PyCrypto..
im using AES-128-CBC with a random generated IV. (which decrypts perfectly in PyCrypto)
However..
On Node.js im doing this
var buf = new Buffer(ciphertext)
var decipher = crypto.createDecipher('aes-128-cbc',aeskey)
buf = decipher.update(buf,'binary', 'binary')
buf += decipher.final('binary')
Which spits out a bunch of Garbage.... ( changing 'binary' to hex/utf8 doesnt help)
As i am using CBC (Cipher Block Chaining)...
i am prepending the IV to the beginning of the ciphertext (16 blocks)..
In PyCrypto this works perfectly, similarly to the specification of PGP, CFB usage..
Does anyone know for what reason this is not working???
Am i expecting too much of Node.js's standard libraries?
Documentation does not mention this, but aeskey you're passing to crypto.createDecipher is not the key, but a password, handled to OpenSSL's EVP_BytesToKey function.
To pass the actual raw key data one should use (presently undocumented) crypto.createDecipheriv(cipher, key, iv) function. This applies to ECB mode too, even though there's no IV in ECB.
If this fails, I think, the first step in debugging would be to try with AES KATs to see whenever the decryption code is correct.
I've tripped on a similar issue here: https://github.com/joyent/node/issues/1318
AES is a rijndael standard. It shouldn't be different. You should look into data types and default settings that are hidden. Something must be set different between the two. The key sizes might be different as 128 bit "hello" is padded with zeros I think and a smaller key would start with "hello" but have a smaller padding, therefore different.
The short answer to your question is: Yes, AES is the same in PyCrypto and Node.js' crypto module. Node's crypto is just a wrapper around openssl on your system, and PyCrypto is interoperable with OpenSSL (see http://lists.dlitz.net/pipermail/pycrypto/2010q4/000301.html).
Having said that, there are definitely bugs in the Node crypto module (though I've only experienced problems with base64 encoding, myself). So whether it's a bug or not, the problems you're experiencing are almost certainly happening in the data encoding/decoding stages.
What does your ciphertext look like? Is it a hexadecimal string? If so, then you need to do
buf = decipher.update(buf, 'hex', 'binary')
That's not how IV works in Node, you have to use crypto.createDecipheriv(cipher, key, iv) instead, otherwise you get a default baked-in one. Even in PyCrypto you should be using the third argument to AES.new as the IV, not stuffing it into the bytestream.
Make sure you use the same key and IV in both pycrypto and node.js!! Not only that, but make sure you have the same encoding in both ends:
cipher = AES.new(key.decode('hex'), AES.MODE_CBC, iv.decode('hex'))
text = json.dumps(payload)
pad = lambda s: s + (16 - len(s) % 16) * '\x07'
encryptedText = base64.b64encode(cipher.encrypt(pad(text)))
Then in node.js (sorry, no easy access to that code now), also make sure you decode your key and iv to hex