Ref:Using NSE OpenSSL for Blowfish?

["Omar Herrera " <oherrera () prodigy net mx>]

 Hi Ron,I'm not familiar with NSE's OpenSSL module, but i think I know what might be causing the problem: the 
Initialization Vector.I couldn't find in the module's documentation the encryption mode used, but I'm assuming its CBC. 
Blowfish does operate on 64 bit blocks, but in CBC mode the result of encrypting each block is also used to modify the 
encryption process of the next block. That is why you can't decipher blocks independently unless you use ECB mode. 
Obviously the first block doesn't have any previous information from other blocks, and here is where the IV is used; 
this IV serves as a mechanism to add randomness to the encryption process of the first block.Now, you must make sure 
you are using exactly the same mechanisms to generate the IV for the encryption and the decryption. For instance, 
within Openssl if you use a password the key and the IV will be generated from the password using a PKCS5 compatible 
protocol (http://www.openssl.org/docs/crypto/EVP_BytesToKey.html), so the IV won't be empty.Within the NSE module it is 
not clear to me what will be passed to the openssl functions (i.e. will it be a null pointer or random data). OpenSSL 
encryption tool requires that you pass an IV whenever you use only an hexadecimal key (see -K and -iv in 
http://www.openssl.org/docs/apps/enc.html); the same with the encryption functions of the OpenSSL library (see 
http://www.openssl.org/docs/crypto/blowfish.html), since all encryption modes different than ECB require an IV)Salting 
is not used by default and doesn't seem to be included as an option in the NSE module, so it is less likely that this 
is your problem.The best way to make sure is to encrypt your string with the NSE module using a key and an IV of your 
choice, and then trying to decrypt it also with the NSE functions. Next, I would suggest to encrypt your text with the 
openssl command line tool (using the same keys and IV) and decrypt it using the NSE module, and viceversa. Since salts 
are apparently not being used, you should get exactly the same result. If this works, then this would confirm that the 
undefined IV in NSE is the problem.I hope this helps,Omar Herrera

  
    
      
      De :
       nmap-dev-bounces () insecure org
    
    
      Para :
       "nmap-dev () insecure org" nmap-dev () insecure org
    
    
      Copia :
       
    
    
      Fecha :
       Sat, 27 Dec 2008 18:01:13 -0600
    
    
      Asunto :
       Using NSE OpenSSL for Blowfish?
    
    

 
> Hi all,> > I've spent the last couple hours wrestling with this, and I'm hoping> somebody here can help 
me. I have a 64-byte string that's encrypted with> Blowfish. The key is 16 bytes long.> > I tried decrypting 
it the simple way:> openssl.decrypt("blowfish", key, nil, data)> > But that didn't work. I read that blowfish 
uses 8-byte blocks, so I> tried breaking it into 8-byte chunks, but that didn't work either.> > Anybody know 
where I'm going wrong? This is the last hurdle I have to> pass and I'll have a really cool script finished.> > 
Thoughts?> Ron> > -- > Ron Bowes> http://www.skullsecurity.org/> > 
_______________________________________________> Sent through the nmap-dev mailing list> 
http://cgi.insecure.org/mailman/listinfo/nmap-dev> Archived at http://SecLists.Org

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org