Wanted: a clue for using encrypt with DES

Mark Smith lists at futilism.com
Mon Jul 20 17:16:28 EDT 2009


Ben, have you looked at the output of "the ciphernames"? There are
quite a few 'des' variants, are you sure you're using the right one?

Also, I'd stick with the "with password" format, unless you know how
the other side is padding (if they are).

Best,

Mark

On 20 Jul 2009, at 20:00, Ben Rubinstein wrote:

> I'm trying to implement a protocol which uses DES encryption to send a
> password across the network.  And I know nothing about encryption.
>
> In the protocol I'm working with, the approach is that one side sends a
> random 16-byte "challenge"; the other end encrypts this data "with DES
> using the password as key", and sends the 16 byte encrypted result back
> to the server.
>
> I captured this exchange between two existing apps that implement the
> protocol, i.e. I got the 16 byte challenge, and the 16 byte response (and
> of course I already know the password).  So now I'm attempting to
> implement code in Rev that will generate the same 16 byte response, given
> that 16 byte challenge and the password.
>
> My first attempt:
>
>   encrypt tChallenge using "des" with password tPassword
>
> This returned 16 bytes, but they were the wrong ones.
>
> I went back to the documentation and saw that it said "using the
> password as key"; my second attempt therefore:
>
>   encrypt tChallenge using "des" with key tPassword
>
> This time I get an error "invalid keystring for specified keysize".
>
>
> I saw that "the ciphernames" tells me the default key length for DES is
> 64 bits.  My password is four characters.  I changed my code to pad the
> password to eight bytes, using numtochar(0). Now I didn't get an error,
> but I get the wrong byte sequence back.  Just for fun, I tried spaces
> instead of zero bytes for the padding; different data, still wrong.
>
> So then I decided that while I'd like to understand this, it was an
> unnecessary distraction; and changed the password to be exactly eight
> characters, and captured a new challenge and response.  Feeding this to
> the script, the first byte of the Rev-calculated response (possibly the
> first 12 bits depending on endian issues) matches the correct response,
> but perhaps that's just coincidence.
>
> Can someone kindly point me in the right direction?  Have I just
> misunderstood something simple?
>
> TIA,
>
> Ben
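
The two open questions in this thread (which DES variant, and how a short password is padded out to an 8-byte key) can be checked against a captured challenge/response pair with the `openssl` command line as an independent reference. This is an added example, not part of the thread: it assumes single DES in ECB mode with no block padding, tries only NUL and space key padding, and the function names are invented here.

```shell
#!/bin/sh
# Added example, not code from the thread. Callers pass lowercase hex strings.
# Assumes single DES, ECB mode, no block padding (the thread confirms none of these).

# hex2bin HEX: write the bytes of an even-length hex string to stdout.
hex2bin() {
  hx=$1
  [ $(( ${#hx} % 2 )) -eq 0 ] || return 1
  while [ -n "$hx" ]; do
    rest=${hx#??}
    pair=${hx%"$rest"}
    printf '%b' "\\0$(printf '%03o' "0x$pair")"
    hx=$rest
  done
}

# key_hex PASSWORD PADBYTE: hex of the password forced to exactly 8 bytes,
# right-padded with PADBYTE (two hex digits) or truncated if longer.
key_hex() {
  kh=$(printf '%s' "$1" | od -An -tx1 | tr -d ' \n')
  printf '%.16s' "$kh$2$2$2$2$2$2$2$2"
}

# des_ecb_hex KEYHEX DATAHEX: raw-key DES-ECB, no padding, hex in and out.
# Triple DES with K1=K2=K3 is identical to single DES; it is used because
# OpenSSL 3 only offers single DES through its legacy provider.
des_ecb_hex() {
  hex2bin "$2" | openssl enc -des-ede3 -K "$1$1$1" -nopad | od -An -tx1 | tr -d ' \n'
}

# find_key_prep PASSWORD CHALLENGEHEX RESPONSEHEX: print the key padding that
# reproduces the captured response, or "none" if neither candidate does.
find_key_prep() {
  for pad in 00 20; do
    if [ "$(des_ecb_hex "$(key_hex "$1" "$pad")" "$2")" = "$3" ]; then
      echo "pad=0x$pad"; return 0
    fi
  done
  echo none; return 1
}
```

A result of `none` means one of the stated assumptions is wrong for the protocol in question (mode, key encoding or padding), not that the capture is bad.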



