[Cryptography Team] Re: block-based cipher padding
Ron Teitelbaum
Ron at USMedRec.com
Tue Jul 11 19:20:55 UTC 2006
> From: Chris Muller
> Sent: Tuesday, July 11, 2006 1:39 PM
>
> > The tests that I'm running are only one sided tests, they say encrypt
> > this
> > and your answer should be this. Since the encryption test didn't
> > assume any
> > padding the results are different, but only by the padding itself.
>
> Ah, I thought the encryption test DID use some kind of padding. So if
> it isn't using padding you probably don't want to use our code that
> does padding, right?
>
> IOW, this sounds like a lower-level test of just the underlying AES w/
> CBC (using three blocks) rather than a test of encryption of an
> arbitrary-sized ByteArray. Arbitrary-sized ByteArray's are
> encrypted/decrypted with the #encrypt:/#decrypt: methods, respectively.
> But you just want to encrypt three blocks so you need to use
> #encryptBlock: and #decryptBlock. They're the lower-level
> functionality that will match the test you're doing, they don't do any
> padding.
The tests do not use padding but do have multiple blocks. It doesn't seem
wise to break the blocks myself for testing, so I used encrypt: , I guess I
could have used the encrypt:from:to: method but it seems redundant. Maybe
we should have a encrypt:usePadding: method? I did like the idea of
abstracting the padding methods to allow for their replacement by
developers. The encrypt: method could use your padding by default but then
we could have a noPadding option.
BlockCipherPaddingAbstract
BlockCipherPaddingNoPadding
BlockCipherPaddingFergusonSchneier2
...
It would make it much easier to add new padding schemes later.
What do you think?
Ron Teitelbaum
More information about the Cryptography
mailing list