Security Forums

advice on cipher modes

Prads
Posted: Wed Oct 20, 2010 4:31 pm    Post subject: advice on cipher modes

Hello,
I am a student, finished my A Level and am thinking about doing Computer Science in college. Anyway, I thought it would be cool to create a small freeware (possibly open source) program in my free time, so I decided to make a password manager program in C++ that can generate and save the password in an encrypted database. For the encryption algorithm I have chosen to use Blowfish. I wrote the code for Blowfish and tested it with the test vectors on Bruce Schneier's website and it worked correctly.
Now for implementing it in my project, I have a question. I researched more about cryptography on the internet and found out about cipher modes of operation. In my program, passwords are kept in a data structure:

Code:

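#include <string>

struct passwordData {
    std::string password;  // the stored password itself
    std::string remark;    // free-text description of what the password is for
};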


password contains strings of random characters (assuming the user won't use common words as a password) like "%^T=t0LO8>" and remark contains some description about the password like "My gmail password".
Now here's how I thought I would encrypt that data. Let's assume we have 2 passwords to encrypt. I would put the passwords in an unsigned char array in this way:

(1st Password)(Remark)(2nd Password)(Remark)(some random padding bytes if needed)

then I would encrypt it and put it in the database. After my research, I found out that this method was called ECB mode of operation (am I right? lol).
So my question is, is this design safe? Or should I read more about other modes of operation?

Sorry if this is a stupid question. I am new to cryptography but I am really interested in it.

Thanks!
Fire Ant
Posted: Thu Oct 21, 2010 8:19 pm

Prads,

It's good to see you putting your time in your own projects. IMO it's the best way to learn. As for your question, it's certainly not stupid. ECB or Electronic Code Book is a cipher mode which you should avoid using. I am not sure if it applies to Blowfish but it certainly applies to AES. ECB has some serious weaknesses in that it may be possible to derive the key if you have enough cleartext/ciphertext.

If I use AES as an example, there are a number of modes of operation in which the cipher can operate and they have different benefits. The overall algorithm is the same except the encryption of each block may rely on an IV or an XOR'd version of the previous block. This introduces some security means but slows things down.

I tried searching for some web resources for you, check this out http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation. The best example I have seen for describing these modes is in the Shon Harris CISSP book. It might also be in the Bruce Schneier Applied Cryptography book.

CFB - Cipher Feedback Mode
OFB - Output Feedback Mode
CBC - Cipher Block Chaining
ECB - Electronic Code Book - Very fast but only suitable for encrypting 1 block with a key.

Definitely read about the different modes before implementing anything. The worst thing that can happen is you become more knowledgeable about encryption.

Good Luck,

Fire Ant
Prads
Posted: Sun Oct 24, 2010 7:11 pm

Thank you so much for replying. I discussed this issue with some of my fellow programmers and they advised me to use CBC mode for this project. I have almost completed writing the code, maybe I will complete it in the next two days. :) Thank you for the reply, I really appreciate it...
Prads
Posted: Thu Dec 16, 2010 6:47 am

Hello,

I have one more small question. I came across this Blowfish implementation weakness in software called DAR: http://www.juniper.net/security/auto/vulnerabilities/vuln24930.html

Quote:
The application also incorrectly uses a password as keying material. This results in weakened Blowfish-CBC protections that render encrypted dar files unnecessarily vulnerable to cryptographic attack.


My Password Manager program also uses the user-given password as the Blowfish key. Here's the link to the program, both source code and binary: http://www.pradsprojects.com/subrosa.html
Does that make the implementation weak? Do I have to use a password derivation algorithm?
Thanks!
Fire Ant
Posted: Tue Dec 21, 2010 12:21 pm

Hi Prads,

Looking at the vulnerability report, unless you use the 'blowfish::make_ivec' function in 'libdar/crypto.cpp' then you might be vulnerable. Have you implemented Blowfish yourself or do you use a common crypto library?

Fire Ant
Prads
Posted: Wed Dec 22, 2010 5:56 am

I implemented the Blowfish encryption myself. I also tested it with test vectors from Bruce Schneier's website, so I don't think there should be a problem with the implementation. For generating the IV, I created my own function which generates a 64-bit IV using the PRNG function rand_s.

The problem is not with the IV, but the way the Master Key is used with the Blowfish encryption. In my program, the user gives a Master Key, which can be a maximum of 448 bits and a minimum of 8 bits, and then the Master Key is used directly as keying material for Blowfish encryption without going through any key derivation function like PBKDF2. I was wondering how vulnerable this was...
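
Added example, not part of the original posts and not code from the poster's program: the key derivation step the post describes as missing, using PBKDF2 from Python's standard library to turn a master password of any length into a full 448-bit Blowfish key. The header layout, salt length and iteration count are assumptions chosen for illustration.

```python
import hashlib
import os
import struct

KEY_LEN = 56          # 448 bits, the largest key Blowfish accepts
SALT_LEN = 16         # assumed salt size
ITERATIONS = 600_000  # assumed work factor; tune to the target hardware

def derive_key(master: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch the master password into a full-length cipher key."""
    return hashlib.pbkdf2_hmac(
        "sha256", master.encode("utf-8"), salt, iterations, KEY_LEN
    )

def new_header(iterations: int = ITERATIONS) -> bytes:
    """Hypothetical database header: iteration count, then a fresh random salt.

    Neither value is secret; both are stored in clear next to the ciphertext.
    """
    return struct.pack(">I", iterations) + os.urandom(SALT_LEN)

def key_from_header(master: str, header: bytes) -> bytes:
    """Re-derive the key at unlock time from the parameters in the header."""
    if len(header) != 4 + SALT_LEN:
        raise ValueError("malformed header")
    (iterations,) = struct.unpack(">I", header[:4])
    if iterations < 1:
        raise ValueError("iteration count must be positive")
    return derive_key(master, header[4:], iterations)

if __name__ == "__main__":
    header = new_header()
    key = key_from_header("a", header)  # even a one-character master password
    print(len(key) * 8, "bit key:", key.hex())
```

The derived key is always 448 bits, differs per database because of the salt, and costs one full PBKDF2 run per password guess, whereas a master password used directly as the key costs a single Blowfish key setup per guess.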
All times are GMT + 2 Hours