mailing list archives
Re: Ref:Using NSE OpenSSL for Blowfish?
From: Ron <ron () skullsecurity net>
Date: Sat, 27 Dec 2008 21:48:23 -0600
Omar Herrera wrote:
I'm not familiar with NSE's OpenSSL module, but i think I know what
might be causing the problem: the Initialization Vector.
I couldn't find in the module's documentation the encryption mode used,
but I'm assuming its CBC. Blowfish does operate on 64 bit blocks, but in
CBC mode the result of encrypting each block is also used to modify the
encryption process of the next block. That is why you can't decipher
blocks independently unless you use ECB mode.
Obviously the first block doesn't have any previous information from
other blocks, and here is where the IV is used; this IV serves as a
mechanism to add randomness to the encryption process of the first block.
Now, you must make sure you are using exactly the same mechanisms to
generate the IV for the encryption and the decryption. For instance,
within Openssl if you use a password the key and the IV will be
generated from the password using a PKCS5 compatible protocol
(http://www.openssl.org/docs/crypto/EVP_BytesToKey.html), so the IV
won't be empty.
Within the NSE module it is not clear to me what will be passed to the
openssl functions (i.e. will it be a null pointer or random data).
OpenSSL encryption tool requires that you pass an IV whenever you use
only an hexadecimal key (see -K and -iv in
http://www.openssl.org/docs/apps/enc.html); the same with the encryption
functions of the OpenSSL library (see
http://www.openssl.org/docs/crypto/blowfish.html), since all encryption
modes different than ECB require an IV)
Salting is not used by default and doesn't seem to be included as an
option in the NSE module, so it is less likely that this is your problem.
The best way to make sure is to encrypt your string with the NSE module
using a key and an IV of your choice, and then trying to decrypt it also
with the NSE functions. Next, I would suggest to encrypt your text with
the openssl command line tool (using the same keys and IV) and decrypt
it using the NSE module, and viceversa. Since salts are apparently not
being used, you should get exactly the same result.
If this works, then this would confirm that the undefined IV in NSE is
I hope this helps,
That's incredibly helpful, thanks! I gave up working on this for today
(too tired/frustrated to be productive).
A question, though: the IV you're talking about, is that also the key?
Or is there a separate key and IV? The data I'm using is encrypted in C,
and the interface looks like this:
void Blowfish_Init(BLOWFISH_CTX *ctx, unsigned char *key, int keyLen);
void Blowfish_Encrypt(BLOWFISH_CTX *ctx, unsigned long *xl, unsigned
void Blowfish_Decrypt(BLOWFISH_CTX *ctx, unsigned long *xl, unsigned
So I only see a key, unless the IV is hardcoded into the library.
In either case, I don't think I'm decrypting the data in the same order
as it's encrypted, so I'd bet that's the problem.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org