• Encryption Keys and IV's
    26 replies, posted
K, so you have probably seen my little encryption program... [code] using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.IO; using System.Security.Cryptography; namespace Encryption_Basics { class Program { static void Main(string[] args) { byte[] keyToUse; byte[] IVToUse; string input = @"C:/input.txt"; string output = @"C:/output.txt"; FileStream inputStream = new FileStream(input, FileMode.Open, FileAccess.Read); FileStream outputStream = new FileStream(output, FileMode.OpenOrCreate, FileAccess.Write); SymmetricAlgorithm algo = new RijndaelManaged(); //Create a Key + IV string pass = "22"; ASCIIEncoding aEncoding = new ASCIIEncoding(); keyToUse = aEncoding.GetBytes(pass); IVToUse = aEncoding.GetBytes(pass); //Read input File byte[] fileData = new byte[inputStream.Length]; inputStream.Read(fileData, 0, (int)inputStream.Length); //Transform ICryptoTransform encryptor = algo.CreateEncryptor(keyToUse, IVToUse); //Create CryptoStream CryptoStream encryptStream = new CryptoStream(outputStream, encryptor, CryptoStreamMode.Write); encryptStream.Write(fileData, 0, fileData.Length); encryptStream.Close(); inputStream.Close(); outputStream.Close(); } } } [/code]I get this error when compiling. Specified initialization vector (IV) does not match the block size for this algorithm. Anyone know how to fix this? or atleast got any suggestions?
[quote=msdn]The size of the IV property must be the same as the BlockSize property.[/quote] [url]http://msdn.microsoft.com/en-us/library/system.security.cryptography.symmetricalgorithm.iv(v=VS.90).aspx[/url] You should take a look here and see how they use the RijndaelManged [url]http://msdn.microsoft.com/en-us/library/system.security.cryptography.rijndaelmanaged.aspx[/url]
That was useful. But it still doesn't really explain how to generate a key.
[QUOTE=Loli;21248419]That was useful. But it still doesn't really explain how to generate a key.[/QUOTE] [url]http://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes(v=VS.90).aspx[/url] Or do a SHA384 hash of the password and split it for 32 and 16 byte arrays (For the key and IV respectively, as Rijndael / AES256 has a 256 bit keysize and a 128 bit IV). [editline]04:55PM[/editline] Note that that hash is not as secure, RFC2898 by default loops sha1 over it 1000 times if memory serves.
[cpp]Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(strpassword, Encoding.UTF7.GetBytes(">x4sA,cW7@LeZ !8PZe'F.X,L[crp/, or something else random")); algorithm.Key = rfc2898DeriveBytes.GetBytes(algorithm.KeySize/8); algorithm.IV = rfc2898DeriveBytes.GetBytes(algorithm.BlockSize/8);[/cpp] There. I was going to go and do a whole example, but I said screw it. [editline]07:52PM[/editline] Lol, I forgot I logged into ShaRose and not ShaRose_ when I was at work. Ah well. [editline]07:53PM[/editline] Oh, and it was HMAC-SHA1.
Why have you got two unbanned alts?
Probably because he doesn't have the password at work. I use two different accounts on my main computer and my laptop, and that's mostly because I don't have my password on both computers.
Is it that difficult to read a password from one screen and type it into a different computer, or write it down on a piece of paper and bring it to work? Not having the password seems like the sort of thing that might be a problem once when you first decide you'd like to log in from another computer, not a long-term unsolvable problem.
Both of you are wrong. I'm on ShaRose_ normally at home since I was banned a while ago with ShaRose and am too lazy to switch accounts, and when I logged in to post at work I just used ShaRose. And I remember by passwords. All 10 - 35 alphanumeric characters of them, depending on which one. Space constraints most of the time, or that I have to use them maybe 5-6 times a day for work logins. [editline]04:48AM[/editline] [QUOTE=turb_;21256234]Why have you got two unbanned alts?[/QUOTE] Because one was perma'd for bugging garry on irc for an unrelated matter, I created the alt, and ShaRose was unbanned on garry's birthday.
I love it when people brag that they can remember their 30 character password. Nobody cares.
[QUOTE=turb_;21282286]I love it when people brag that they can remember their 30 character password. Nobody cares.[/QUOTE] That is true. I just don't like it when people suggest that I'm one of the people who write down passwords. And then to suggest that I'm too lazy to bring a copy to work? Insecure as hell. [editline]04:57AM[/editline] And it was 35 :smug:
[QUOTE=ShaRose_;21282359]And it was 35 :smug:[/QUOTE] Meh, nobody cares that your password is super long. I have an 11 character password that Google says is strong. I'm fine with that.
I write down passwords in a text file on my desktop.
[QUOTE=blankthemuffin;21283789]I write down passwords in a text file on my desktop.[/QUOTE] :downsbravo:
Seriously it's not an issue. If my computer is compromised then my keys are compromised too, they're the only things which actually matter so why go and give more protection to passwords. It's not like I'm running windows either.
Well this is gone way off track. Mission accomplished guys.
Meh, it's umm... Interesting O_o
[QUOTE=Loli;21293128]Meh, it's umm... Interesting O_o[/QUOTE] Well, did we solve the problem?
Kind of... [code] [LIST=1] [*]Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(strpassword, Encoding.UTF7.GetBytes(">x4sA,cW7@LeZ !8PZe'F.X,L[crp/, or something else random")); [*] [*]algorithm.Key = rfc2898DeriveBytes.GetBytes(algorithm.KeySize/8); [*] [*]algorithm.IV = rfc2898DeriveBytes.GetBytes(algorithm.BlockSize/8); [/code] [/LIST] This seems to work OK
[QUOTE=blankthemuffin;21284074]Seriously it's not an issue. If my computer is compromised then my keys are compromised too, they're the only things which actually matter so why go and give more protection to passwords. It's not like I'm running windows either.[/QUOTE] edgy i like it
Why aren't you putting a passphrase on your keys?
I never said I didn't, I actually can't remember because I have them set to auto-unlock anyway.
[QUOTE=Loli;21304444]Kind of... [code] Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(strpassword, Encoding.UTF7.GetBytes(">x4sA,cW7@LeZ !8PZe'F.X,L[crp/, or something else random")); algorithm.Key = rfc2898DeriveBytes.GetBytes(algorithm.KeySize/8); algorithm.IV = rfc2898DeriveBytes.GetBytes(algorithm.BlockSize/8); [/code] This seems to work OK[/QUOTE] You were supposed to change that second string to something random. It'll still work though.
Yeah, I guessed :P That was a perfect starting place for Encryption / Decryption
[QUOTE=ShaRose_;21254578]Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(strpassword, Encoding.UTF7.GetBytes(">x4sA,cW7@LeZ !8PZe'F.X,L[crp/, or something else random")); algorithm.Key = rfc2898DeriveBytes.GetBytes(algorithm.KeySize/8); algorithm.IV = rfc2898DeriveBytes.GetBytes(algorithm.BlockSize/8); There. I was going to go and do a whole example, but I said screw it. [editline]07:52PM[/editline] Lol, I forgot I logged into ShaRose and not ShaRose_ when I was at work. Ah well. [editline]07:53PM[/editline] Oh, and it was HMAC-SHA1.[/QUOTE] How would I encrypt a message using this?
[QUOTE=Loli;21348491]How would I encrypt a message using this?[/QUOTE] You did code for that already. Look in your own op. [editline]03:43PM[/editline] Oh, I did it again. Meh.
Yeah, I did a dumb :downs:
Sorry, you need to Log In to post a reply to this thread.