Hello! Now I am working on implementing the SSH protocol in C ++. I understand the cbc encryption mod. I realized that the initial initialization vector for the first block of an encrypted packet is calculated from the hash of certain data, the initialization vector for subsequent blocks is the previous ciphertext block. This all works only for the first packet, in the second packet it is impossible to decrypt the first block. Perhaps because the last ciphertext block of the first packet consists of 4 bytes? How is the initial IV calculated for the second package?
|
1 answer
“the initial initialization vector for the first block of the encrypted packet is calculated from the hash of certain data” is not so. IV is transmitted to the cryptoalgorithm as is, the algorithm does not produce any of its transformations.
"the initialization vector for subsequent blocks is the previous ciphertext block" is the result of encrypting the previous block. No hashing and so on.
"the last ciphertext block of the first packet consists of 4 bytes" - add padding, when decrypting, delete.
And yes, you should not write cryptography yourself when there is OpenSSL ...
Vladimir Martyanov Vladimir Martyanov
9,266 four 17 34
|