1

I was just trying to check if OpenSSL does use PCSK5 as documentation states when I got the following problem.

I first encrypted a plaintext and encrypted it using DES-ECB. I was expecting to see extra stuffed bytes in decrypted message but it seems OpenSSL is pretty smart and remove them before printing the result.

So I tried to use -nopad option, which

disable standard block padding

following official documentation. This way extra bytes did not seem to be removed and result is choerent with PCSK5. My question is: does that prove anything? Disabling standard block padding (PCSK5) does not disable padding so what exactly it does? What type of padding does it use?

Here are my tests:

Plaintext (What is the padding??????)

5B E0 A5 BD 8C CD F9 22 05 10 28 5C F8 6B 8D 22 6A 1F 06 A3 3E E7 C9 68 07 4E 92 AA >8D 07 EE AD

Decrypted (nopad)

57 68 61 74 20 69 73 20 74 68 65 20 70 61 64 64 69 6E 67 3F 3F 3F 3F 3F 3F 0A 06 06 >06 06 06 06

Decrypted (regular padding)

57 68 61 74 20 69 73 20 74 68 65 20 70 61 64 64 69 6E 67 3F 3F 3F 3F 3F 3F 0A

Community
  • 1
Marcos Valle
  • 162
  • 1
  • 4
  • 12

1 Answers1

4

You can't see the padding in ciphertext because ciphertext is encrypted.

For commandline openssl enc, -nopad has effectively mirror meanings for encrypt and decrypt.

-nopad on encrypt means no padding is added (and the plaintext must be an exact multiple of the blocksize). You obviously did not specify -nopad on encrypt so PKCS5 padding was added by default (before encrypting).

On decrypt, by default PKCS5 padding is expected to be present and is removed; if the padding is not valid an error occurs. -nopad means no attempt is made to remove padding; if padding is present, as in your ciphertext, it is left in the data as you saw. If encrypt was done (successfully) with -nopad you need -nopad on decrypt so you don't try to remove padding that isn't there and fail.

PS- You are aware that single-DES has been broken and obsolete for years now, and ECB mode frequently allows system breaks unless used with great care?

Lessons learned and misconceptions regarding encryption and cryptology

Block chaining modes to avoid

How are chosen plaintext attacks against ECB implemented in the real world?

https://crypto.stackexchange.com/questions/12510/ecb-weakness-and-its-exploitation

https://crypto.stackexchange.com/questions/11451/can-ecb-mode-really-leak-some-characters

Community
  • 1
dave_thompson_085
  • 9,759
  • 1
  • 24
  • 28
  • Thank you so much for your explanatio n! I wish OpenSSL was clear like that in it's documentation. Btw thanks for the observations over des and ecb security flaws. I am beggining to study crypto and those tips are very welcome :) – Marcos Valle Sep 30 '14 at 08:24