问题
I'm using PyCrypto in an application to encrypt data, but for some reason the first 8 bytes (corresponding to the first block) are coming through corrupt no matter what I do.
>>> from Crypto.Cipher import DES3
>>> from Crypto import Random
>>> iv = Random.new().read(DES3.block_size)
>>> key = Random.new().read(DES3.key_size[-1])
>>> des3 = DES3.new(key, DES3.MODE_CBC, iv)
>>> des3.decrypt(des3.encrypt('12345678abcdefgh12345678'))
't\x1b\x0f\xcbD\x15M\xababcdefgh12345678'
I've read that that's a sign that the IV is corrupt, but those sources also say that using a mode other than CBC would result in the entire message corrupting. That isn't the case:
>>> des3 = DES3.new(key, DES3.MODE_CFB, iv)
>>> des3.decrypt(des3.encrypt('12345678abcdefgh12345678'))
'\xe1\x85\xae,\xf1m\x83\x9cabcdefgh12345678'
I can also rule out the cipher as the cause:
>>> from Crypto.Cipher import AES
>>> from Crypto import Random
>>> iv = Random.new().read(AES.block_size)
>>> key = Random.new().read(AES.key_size[-1])
>>> aes = AES.new(key, AES.MODE_CBC, iv)
>>> aes.decrypt(aes.encrypt('12345678abcdefgh12345678abcdefgh'))
'\xa7l\x00]\x1cW\xec\xd0\x04\x06\xba&\x1663\xd712345678abcdefgh'
Note that in this example the first 16 bytes are corrupt, which corresponds to AES' block size.
回答1:
You have to reset IV vector before decryption. Try this code:
>>> from Crypto.Cipher import DES3
>>> from Crypto import Random
>>> iv = Random.new().read(DES3.block_size)
>>> key = Random.new().read(DES3.key_size[-1])
>>> des3enc = DES3.new(key, DES3.MODE_CBC, iv)
>>> des3dec = DES3.new(key, DES3.MODE_CBC, iv)
>>> des3dec.decrypt(des3enc.encrypt('12345678abcdefgh12345678'))
IV vector is changing after encryption / decryption each block. You used the same instance of DES3 class for encrypting and decrypting the message, therefore you had incorrect IV for decryption.
Hope above code works - I didn't test it.
More about CBC mode: http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation
来源:https://stackoverflow.com/questions/16349441/first-8-byes-of-my-encrypted-data-corrupting-using-3des-and-cbc