AES encryption

[Tuvas]

I have just finished a new function that will do AES128 encryption,
which is the standard for private-key cryptology today. In fact, the
NSA permitted AES to be used for classified documents in the USA, the
first time a public algorithm has been given this honor (Secret and Top
Secret documents can use AES as well, but must use a larger key (192 or
256 bits)) I've tested my function with a thousand random texts, it
seems to return the same result as received every time.

If you want to take a look,
http://www.geocities.com/brp13/Python/index.html

Note, I still wouldn't quite encrypt your credit card numbers, but,
well, it does seem to be secure enough... I would like comments as to
anything fairly simple I might be able to do to increase security. I've
tested the algorithm about a thousand times, with no appearant
failures, but, there still could be one that I haven't found yet, so...
Thanks!

 

[Bryan Olson]

Tuvas wrote:
[...]

I've tested my function with a thousand random texts, it
seems to return the same result as received every time.

Unfortunately, the results seem incorrect, self-consistent
as they may be. The following will call your code, and
check the results against 3 popular test vectors.

--Bryan


# Assert false if test fails

test_key = (
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0x76, 0x2e, 0x71, 0x60, 0xf3, 0x8b, 0x4d, 0xa5,
0x6a, 0x78, 0x4d, 0x90, 0x45, 0x19, 0x0c, 0xfe)

test_plaintext = (
0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d,
0x31, 0x31, 0x98, 0xa2, 0xe0, 0x37, 0x07, 0x34)

expected = (
(0x39, 0x25, 0x84, 0x1d, 0x02, 0xdc, 0x09, 0xfb,
0xdc, 0x11, 0x85, 0x97, 0x19, 0x6a, 0x0b, 0x32),

(0xf9, 0xfb, 0x29, 0xae, 0xfc, 0x38, 0x4a, 0x25,
0x03, 0x40, 0xd8, 0x33, 0xb8, 0x7e, 0xbc, 0x00),

(0x1a, 0x6e, 0x6c, 0x2c, 0x66, 0x2e, 0x7d, 0xa6,
0x50, 0x1f, 0xfb, 0x62, 0xbc, 0x9e, 0x93, 0xf3))

key_sizes = (16, 24, 32)
plaintext = s2num(''.join([chr(c) for c in test_plaintext]))
for i in range(len(key_sizes)):
key_size = key_sizes
key = s2num(''.join([chr(c) for c in test_key[:key_size]]))
expected = s2num(''.join([chr(c) for c in expected]))
ciphertext = encryptb(plaintext, key)
assert ciphertext == expected
deciphertext = decryptb(ciphertext, key)
assert deciphertext == plaintext

 

[Tuvas]

I don't know if it means anything, but the AES system that I have isn't
set up to do anything other than 128 bit encryption at the moment, nor
will it likely do so, mainly because most systems only explain how to
get the 128 encryption, and not the larger sizes. I'm sure it's fairly
easy to change, but... Well, I'll take a look at it, but I don't have
the time at the moment...

 

[Tuvas]

Okay, I figured out the problem. The problem was that my algorythm
filed the numbers into the matrix as so:
1 2 3 4
5 6 7 8...

While it should have been
1 5 9 13
2 6 10 14
....

When this was fixed, the program works great! That's what I get for
testing only asymetrical keys... Oh well, thanks for the help in fixing
the problem!

 

[Tuvas]

Ere, I mean testing only symetrical keys, and symetrical messages,
nothing more realistic. Sigh. Oh well. It works, and that's the
important thing. I don't know if I'll put in support for the larger key
sizes, but, I'll leave it be for now.

 

[Bryan Olson]

Tuvas wrote:
[...]

I've tested my function with a thousand random texts, it
seems to return the same result as received every time.

Unfortunately, the results seem incorrect, self-consistent
as they may be. The following will call your code, and
check the results against 3 popular test vectors.

--Bryan


# Assert false if test fails

test_key = (
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0x76, 0x2e, 0x71, 0x60, 0xf3, 0x8b, 0x4d, 0xa5,
0x6a, 0x78, 0x4d, 0x90, 0x45, 0x19, 0x0c, 0xfe)

test_plaintext = (
0x32, 0x43, 0xf6, 0xa8, 0x88, 0x5a, 0x30, 0x8d,
0x31, 0x31, 0x98, 0xa2, 0xe0, 0x37, 0x07, 0x34)

expected = (
(0x39, 0x25, 0x84, 0x1d, 0x02, 0xdc, 0x09, 0xfb,
0xdc, 0x11, 0x85, 0x97, 0x19, 0x6a, 0x0b, 0x32),

(0xf9, 0xfb, 0x29, 0xae, 0xfc, 0x38, 0x4a, 0x25,
0x03, 0x40, 0xd8, 0x33, 0xb8, 0x7e, 0xbc, 0x00),

(0x1a, 0x6e, 0x6c, 0x2c, 0x66, 0x2e, 0x7d, 0xa6,
0x50, 0x1f, 0xfb, 0x62, 0xbc, 0x9e, 0x93, 0xf3))

key_sizes = (16, 24, 32)
plaintext = s2num(''.join([chr(c) for c in test_plaintext]))
for i in range(len(key_sizes)):
key_size = key_sizes
key = s2num(''.join([chr(c) for c in test_key[:key_size]]))
expected = s2num(''.join([chr(c) for c in expected]))
ciphertext = encryptb(plaintext, key)
assert ciphertext == expected
deciphertext = decryptb(ciphertext, key)
assert deciphertext == plaintext

Oops, introduced a bug by shadowing "expected". Make the for loop:

for i in range(len(key_sizes)):
key_size = key_sizes
key = s2num(''.join([chr(c) for c in test_key[:key_size]]))
expect = s2num(''.join([chr(c) for c in expected]))
ciphertext = encryptb(plaintext, key)
assert ciphertext == expect
deciphertext = decryptb(ciphertext, key)
assert deciphertext == plaintext