Sometimes I just need some encryption, so I wrote a script that fits some cases. The functions use the python Crypto library.<\/p>\n
The security of the used encryption is ok, I wrote a PBKDF2-like Key Derivation Function, that hashes the password before truncating and using it as the AES key. The encryption function does not add random padding. This means an attacker can guess how long the plaintext was. Additionally, CBC is a non-authenticated mode, therefore if somebody flips a bit in your ciphertext the decryption routine won’t notice. This usually means an attacker can flip one bit, but the remaining blocks will be corrupted. So flipping a bit in the last block is easy. Moreover 13’370 derivation rounds might be too much or not enough for you.<\/p>\n
\r\ndef AESencrypt(password, plaintext, base64=False):\r\n import hashlib, os\r\n from Crypto.Cipher import AES\r\n SALT_LENGTH = 32\r\n DERIVATION_ROUNDS=13370\r\n BLOCK_SIZE = 16\r\n KEY_SIZE = 32\r\n MODE = AES.MODE_CBC\r\n \r\n salt = os.urandom(SALT_LENGTH)\r\n iv = os.urandom(BLOCK_SIZE)\r\n \r\n paddingLength = 16 - (len(plaintext) % 16)\r\n paddedPlaintext = plaintext+chr(paddingLength)*paddingLength\r\n derivedKey = password\r\n for i in range(0,DERIVATION_ROUNDS):\r\n derivedKey = hashlib.sha256(derivedKey+salt).digest()\r\n derivedKey = derivedKey[:KEY_SIZE]\r\n cipherSpec = AES.new(derivedKey, MODE, iv)\r\n ciphertext = cipherSpec.encrypt(paddedPlaintext)\r\n ciphertext = ciphertext + iv + salt\r\n if base64:\r\n import base64\r\n return base64.b64encode(ciphertext)\r\n else:\r\n return ciphertext.encode("hex")\r\n\r\ndef AESdecrypt(password, ciphertext, base64=False):\r\n import hashlib\r\n from Crypto.Cipher import AES\r\n SALT_LENGTH = 32\r\n DERIVATION_ROUNDS=13370\r\n BLOCK_SIZE = 16\r\n KEY_SIZE = 32\r\n MODE = AES.MODE_CBC\r\n \r\n if base64:\r\n import base64\r\n decodedCiphertext = base64.b64decode(ciphertext)\r\n else:\r\n decodedCiphertext = ciphertext.decode("hex")\r\n startIv = len(decodedCiphertext)-BLOCK_SIZE-SALT_LENGTH\r\n startSalt = len(decodedCiphertext)-SALT_LENGTH\r\n data, iv, salt = decodedCiphertext[:startIv], decodedCiphertext[startIv:startSalt], decodedCiphertext[startSalt:]\r\n derivedKey = password\r\n for i in range(0, DERIVATION_ROUNDS):\r\n derivedKey = hashlib.sha256(derivedKey+salt).digest()\r\n derivedKey = derivedKey[:KEY_SIZE]\r\n cipherSpec = AES.new(derivedKey, MODE, iv)\r\n plaintextWithPadding = cipherSpec.decrypt(data)\r\n paddingLength = ord(plaintextWithPadding[-1])\r\n plaintext = plaintextWithPadding[:-paddingLength]\r\n return plaintext\r\n \r\na = AESencrypt("password", "ABC")\r\nprint AESdecrypt("password", a)\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"Sometimes I just need some encryption, so I wrote a script that fits some cases. The functions use the python Crypto library. The security of the used encryption is ok, I wrote a PBKDF2-like Key Derivation Function, that hashes the … Continue reading