AGB  ·  Datenschutz  ·  Impressum  







Anmelden
Nützliche Links
Registrieren
Thema durchsuchen
Ansicht
Themen-Optionen

Kleines Weihnachtsgeschenk von der DEC

Ein Thema von TurboMagic · begonnen am 24. Dez 2024 · letzter Beitrag vom 8. Jan 2025
Antwort Antwort
Seite 3 von 3     123   
TurboMagic

Registriert seit: 28. Feb 2016
Ort: Nordost Baden-Württemberg
3.000 Beiträge
 
Delphi 12 Athens
 
#21

AW: Kleines Weihnachtsgeschenk von der DEC

  Alt 3. Jan 2025, 16:46
Well, to be honest i thought about this and here what logic echoed in my brain,
Lets look at the most accurate original definition of ANSI X9.23,
from https://www.ibm.com/docs/en/linux-on...block-chaining
Zitat:
The ANSI X9.23 method always appends from 1 - 8 bytes to the plaintext before encipherment. The last appended byte is the count of the added bytes and is in the range of X'01' - X'08'. The standard defines that any other added bytes, or pad characters, be random.
also from https://en.wikipedia.org/wiki/Padding_(cryptography)
Zitat:
In ANSI X9.23, between 1 and 8 bytes are always added as padding. The block is padded with random bytes (although many implementations use 00) and the last byte of the block is set to the number of bytes added.[6]
PKCS#7 has concretely defined fill value unlike this one.
on other hand random fill can't be validated, also this padding schemes is old, very old and used many in many cases with both 0 fill and random, this exactly what rendered it unreliable to be used widely in securing traffic over wire, in fact it is not used and not recommended, these days as de facto is zero fill but yet not quit, as many php libraries (old and some are new) still use it as both zero fill and random fill, this what made me let remove the zero checking, and that is it just for legacy compatibility with older libraries from different platform.
Ok, I can fully understand this. People not properly implementing a standard are a nuisance
What about having two classes for this: one with random fill and one with zero fill for best compatibility?
Or would one variant (the one with random fill) be sufficient?

As for PKCS#7 and PKCS#5 padding, you are right, and it is there for cosmetic, see PKCS#5 is old and was fixed at 8 bytes block size, so it even can't and shouldn't be used with AES !!, it designed for DES and 3DES...
i left it in case users of this library needed to be sure when they are in doubt and needed the name to be exist, again it is your call, also i relaxed the length checking as many libraries extended the length for it making it %100 copy of PKCS#7 padding without changing the name.
Understood. I created a PKCS#5 class now wich is a 1:1 alias of the PCKS#7 class. Just a type definition.
Is that ok? I'll add this to the enumeration and treat it like PKCS#7.
Grüße
TurboMagic
  Mit Zitat antworten Zitat
Kas Ob.

Registriert seit: 3. Sep 2023
379 Beiträge
 
#22

AW: Kleines Weihnachtsgeschenk von der DEC

  Alt 3. Jan 2025, 17:47
What about having two classes for this: one with random fill and one with zero fill for best compatibility?
Or would one variant (the one with random fill) be sufficient?
I prefer to either
1) leave with 0 fill, but without strict validation (checking against 0), as i mentioned it should not be used in real data trafficking or storing, so the danger of not checking its fill correctness make sense .. or
2) have two classes as you suggested, and i suggest to make sure to name the one with random as old or legacy, as it is really very rare to be using random fill in other libraries, and in contrary to its own original specification, which the cause of this mess.

Understood. I created a PKCS#5 class now wich is a 1:1 alias of the PCKS#7 class. Just a type definition.
Is that ok? I'll add this to the enumeration and treat it like PKCS#7.
Absolutely OK, PKCS#5 padding should have been killed and never used since the dawn of computer cryptography.
I think it is, yes, unifying their implementation makes sense, the problem with PKCS#5 padding is the wrong implementation and naming in many libraries, they do use PKCS#7 padding under the name of PKCS#5.


And thank you and Christoph for your effort, work and contribution.
Kas
  Mit Zitat antworten Zitat
TurboMagic

Registriert seit: 28. Feb 2016
Ort: Nordost Baden-Württemberg
3.000 Beiträge
 
Delphi 12 Athens
 
#23

AW: Kleines Weihnachtsgeschenk von der DEC

  Alt 5. Jan 2025, 18:37
We did some more work on this. Bear in mind that this is, while pushed to development branch, is not finished completely yet.
We still need to think about some of your stuff and unit tests need to be worked at as well, basing them most likely on your
data from this post.

=> stay tuned but don't hold your breath
Grüße
TurboMagic
  Mit Zitat antworten Zitat
TurboMagic

Registriert seit: 28. Feb 2016
Ort: Nordost Baden-Württemberg
3.000 Beiträge
 
Delphi 12 Athens
 
#24

AW: Kleines Weihnachtsgeschenk von der DEC

  Alt 7. Jan 2025, 21:14
Ok, you can start breathing again
Well, I think the current version in the development branch "is it".
What we didn't take is the idea of being able to add further blocks at the end.
Christoph doesn't like to have such an unstandard extension.

Well, this of course has two sides, as nearly everything.
But: thanks for your valuable additions and the test data!

I couldn't add you to notices.txt, but only because you are already listed as
contributor

If I can find the necessary time for some cleanup in some other area of the library
this should get released as V6.5 along with the other things which got added since V6.4.x.
Grüße
TurboMagic
  Mit Zitat antworten Zitat
Kas Ob.

Registriert seit: 3. Sep 2023
379 Beiträge
 
#25

AW: Kleines Weihnachtsgeschenk von der DEC

  Alt 8. Jan 2025, 10:47
Big thank to you and to Christoph.

You are the maintainer and its your call.

As for non-standard extension, well you made a call and it is right, but i want to explain few things to any one here who want to encrypt data without leaking information (aka best practice and things might be missed), namely the data length,
To do that i want to give an example, lets say this forum do encrypt users name in DB using BlowFish, so a name like our respected Uwe will be 6 bytes in Unicode, encrypting the name without padding (using lets say CTR mode) will be 6 bytes, while when padded will be 8 byte (on all modes), while any name with 4 chars will be 8 bytes and padded will be 16 bytes, so short names will stand out in a table, other names like Wolfeschlegelsteinhausenbergerdorff (36 bytes) will be unique too at 80 padded byte, but if we padded every name to 80 byte, meaning all names up to 39 chars will be the same, and this will prevent any information leak, or at least will decrease the chance to perform any useful information analysis to isolate and differentiate users and their other stored data.

Also when you pushed the separation for padding into its own unit, i had to say my opinion and wrote that code out of now or never, as it is pushed to development, and of course if padding in your current target is for only cipher and what had been standardized, then it is not wrong at all and you call is the right one, as there is no wrong call here, but if you want to leave it with some flexibility to be used with not only block cipher then, lets say this in other words .. some one had to read my very this post to understand how to obfuscate and protect a batch encryption, and even after that he will need to perform/implement the padding (a padding) code on his own !, and that is it.

Thank you again.
Kas
  Mit Zitat antworten Zitat
Antwort Antwort
Seite 3 von 3     123   


Forumregeln

Es ist dir nicht erlaubt, neue Themen zu verfassen.
Es ist dir nicht erlaubt, auf Beiträge zu antworten.
Es ist dir nicht erlaubt, Anhänge hochzuladen.
Es ist dir nicht erlaubt, deine Beiträge zu bearbeiten.

BB-Code ist an.
Smileys sind an.
[IMG] Code ist an.
HTML-Code ist aus.
Trackbacks are an
Pingbacks are an
Refbacks are aus

Gehe zu:

Impressum · AGB · Datenschutz · Nach oben
Alle Zeitangaben in WEZ +1. Es ist jetzt 21:41 Uhr.
Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO © 2011, Crawlability, Inc.
Delphi-PRAXiS (c) 2002 - 2023 by Daniel R. Wolf, 2024 by Thomas Breitkreuz