Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Is ccrypt AES 256 bit crypto secure enough?
Special Forums Cybersecurity Is ccrypt AES 256 bit crypto secure enough? Post 302887072 by Neo on Wednesday 5th of February 2014 01:10:19 PM
Old 02-05-2014
Quote:
Originally Posted by Perderabo
IRead the AES page on wikipedia. Only 3 members of the Rijndael family are used in AES and all of them have a block size 128 bits.
I think the original poster (more-than-likely) meant 256 key size, not block size.

From the wikipedia reference:

Quote:
For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits
.

The orgional poster mentioned:

Quote:
AES 256 bit crypto
Normally, I would interpret this to mean "256 bit key size" ...

.. and point of reference, the ccrypt man page says:

Quote:
Keywords can consist of any number of characters, and all characters are significant (although ccrypt internally hashes the key to 256 bits)
Also from the ccrypt man page:

Quote:
ccrypt is believed to provide very strong cryptographic security, equivalent to that of the Rijndael cipher with 256-bit block size and 256-bit key size. Another version of the Rijndael cipher (with a smaller block size) is used in the U.S. government's Advanced Encryption Standard (AES). Therefore, this cipher is very well studied and subject to intensive public scrutiny. This scrutiny has a positive effect on the cipher's security. In particular, if an exploitable weakness in this cipher were ever discovered, this would become widely publicized.
 

5 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

encrypting file system using AES 256 bit

Experts, I am trying to encrypt my filesystem using the AES 256 bit type of encryption. I am using FreeBSD 5.4 and need to encrypt one of the mounted points. Does anybody have any good idea of how to do it? Is there any documentation about encrypting the disk partition as this method is more... (2 Replies)
Discussion started by: jimmynath
2 Replies

2. Programming

AES encryption

Hi, Any body can please point me to source code for implementing AES encryption in CTR mode i.e RFC 3686 (AES-CTR).I did googling but no good results. (6 Replies)
Discussion started by: Raom
6 Replies

3. Programming

JAVA AES keylength exception

I am developing a JAVA application that must encrypt its data. On my development machine, I can use a 256 bit key with no problem. A test machine throws an exception complaining about an illegal key length. The test machine is using JRE 1.6u21. Does anyone know where I can get a version of the JRE... (1 Reply)
Discussion started by: ilikecows
1 Replies

4. UNIX for Dummies Questions & Answers

Using sed with special characters produced from crypto

Hey there, I'm facing some weird issues with sed when trying to do substitution in a text file with the content of some environment variables. Those variables are used to store crypted (3DES) info with much special characters and that's where the problem starts. I've already tried to use both... (7 Replies)
Discussion started by: Jormun
7 Replies

5. Programming

Publish and Subscribe to AES-256 Encrypted MQTT Messages to Node-RED from PHP Scripts

Various Node-Red crypto modules do not work with PHP, so to send an encrypted message from a PHP script (in this case from a Ubuntu server) to Node-RED we need our own code. After a few hours of searching, testing various libs, more testing and debugging, I got this PHP to Node-RED code... (0 Replies)
Discussion started by: Neo
0 Replies

LEARN ABOUT PHP

mcrypt_encrypt

MCRYPT_ENCRYPT(3)							 1							 MCRYPT_ENCRYPT(3)

mcrypt_encrypt - Encrypts plaintext with given parameters

SYNOPSIS

       string mcrypt_encrypt (string  $cipher, string  $key, string  $data, string  $mode, [string  $iv])

DESCRIPTION

	Encrypts the data and returns it.

PARAMETERS

	      o $cipher
		-One of the MCRYPT_ciphername constants, or the name of the algorithm as string.

	      o $key
		-  The key with which the data will be encrypted. If it's smaller than the required keysize, it is padded with ' '. It is better
		not to use ASCII strings for keys.  It is recommended to use the mhash functions to create a key from a string.

	      o $data
		- The data that will be encrypted with the given $cipher and $mode. If the size of the data is not n * blocksize, the data will be
		padded with ' '.  The returned crypttext can be larger than the size of the data that was given by $data.

	      o $mode
		-One of the MCRYPT_MODE_modename constants, or one of the following strings: "ecb", "cbc", "cfb", "ofb", "nofb" or "stream".

	      o $iv
		-Used  for  the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If you do not supply an IV, while it
		is needed for an algorithm, the function issues a warning and uses an IV with all its bytes set to " ".

RETURN VALUES

	Returns the encrypted data, as a string.

EXAMPLES

       Example #1

	      mcrypt_encrypt(3) Example

	      <?php
		  # --- ENCRYPTION ---

		  # the key should be random binary, use scrypt, bcrypt or PBKDF2 to
		  # convert a string into a key
		  # key is specified using hexadecimal
		  $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");

		  # show key size use either 16, 24 or 32 byte keys for AES-128, 192
		  # and 256 respectively
		  $key_size =  strlen($key);
		  echo "Key size: " . $key_size . "
";

		  $plaintext = "This string was AES-256 / CBC / ZeroBytePadding encrypted.";

		  # create a random IV to use with CBC encoding
		  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
		  $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

		  # creates a cipher text compatible with AES (Rijndael block size = 128)
		  # to keep the text confidential
		  # only suitable for encoded input that never ends with value 00h
		  # (because of default zero padding)
		  $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
					       $plaintext, MCRYPT_MODE_CBC, $iv);

		  # prepend the IV for it to be available for decryption
		  $ciphertext = $iv . $ciphertext;

		  # encode the resulting cipher text so it can be represented by a string
		  $ciphertext_base64 = base64_encode($ciphertext);

		  echo	$ciphertext_base64 . "
";

		  # === WARNING ===

		  # Resulting cipher text has no integrity or authenticity added
		  # and is not protected against padding oracle attacks.

		  # --- DECRYPTION ---

		  $ciphertext_dec = base64_decode($ciphertext_base64);

		  # retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
		  $iv_dec = substr($ciphertext_dec, 0, $iv_size);

		  # retrieves the cipher text (everything except the $iv_size in the front)
		  $ciphertext_dec = substr($ciphertext_dec, $iv_size);

		  # may remove 00h valued characters from end of plain text
		  $plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
						  $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);

		  echo	$plaintext_dec . "
";
	      ?>

	      The above example will output:

	      Key size: 32
	      ENJW8mS2KaJoNB5E5CoSAAu0xARgsR1bdzFWpEn+poYw45q+73az5kYi4j+0haevext1dGrcW8Qi59txfCBV8BBj3bzRP3dFCp3CPQSJ8eU=
	      This string was AES-256 / CBC / ZeroBytePadding encrypted.

	See also mcrypt_module_open(3) for a more advanced API and an example.

PHP Documentation Group 													 MCRYPT_ENCRYPT(3)
All times are GMT -4. The time now is 10:57 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy