perlsameer has asked for the wisdom of the Perl Monks concerning the following question:

Hello everyone,
I am using the Crypt::CBC module.
I have written two programs: one is for encrypting a string,
the other is for decrypting it back into a string.


CBC encryption code
#!/usr/bin/perl
use Crypt::CBC;

my $cipher = Crypt::CBC->new(
    -key    => '1234Ffg!7645',
    -cipher => 'Blowfish'
);
$plaintext = $ARGV[0];
$ciphertext = $cipher->encrypt($plaintext);
$ciphertext = unpack("H16",$ciphertext);
print "$ciphertext\n";

CBC Decryption code
#!/usr/bin/perl
use Crypt::CBC;

my $cipher = Crypt::CBC->new(
    -key    => '1234Ffg!7645',
    -cipher => 'Blowfish'
);
$ciphertext = pack("H16",$ARGV[0]);
$plaintext = $cipher->decrypt($ciphertext);
print "$plaintext\n";

Execution of programs

1) cryptCBC.pl "This is CBC"
output == 53616c7465645f5f
2) cryptCBC_dc.pl 53616c7465645f5f
Ciphertext does not begin with a valid header for 'salt' header mode at cryptCBC_dc.pl line 9
Can anyone explain this error to me?

20080718 Janitored by Corion: Added formatting, code tags, removed H1 tag as per Writeup Formatting Tips

Replies are listed 'Best First'.
Re: Crypt CBC
by Corion (Patriarch) on Jul 16, 2008 at 13:27 UTC

    What part of the answers you got in Crypt Blowfish do you have problems with and what did you try?

Re: Crypt CBC
by jettero (Monsignor) on Jul 16, 2008 at 13:21 UTC

    Why do you pack and unpack the ciphertext by hand? Why not use encrypt_hex() and decrypt_hex()? I suspect your problem is with the pack()/unpack() not with CBC.

    When you say, unpack("H16", "a" x 27); you only unpack the first 16 bytes, or words or something like that. I think you want unpack("H*", $ciphertext); but more than that, I think you want $cipher->encrypt_hex($plaintext);

    -Paul

      Thanks for the idea. encrypt_hex is working fine. Can you give me some more ideas about Blowfish and DES? The code I have for them takes only an 8-bit string.

      Please tell me which encryption scheme is good for keeping an encrypted password in a web application.
      Thanks in advance.
        Normally you wouldn't use a symmetric cipher for storing passwords (since an intruder could get the key as easily as he got a shell). Normally you use a hash to store the passwords. For example, I believe the Linux shadow file uses an MD5-hmac type setup (Crypt::PasswdMD5). An attacker can still get the passwords using applications like john, but it may take a long time to get them -- if your passwords are good enough, it could take a hundred million years, but most likely it'd be more like a couple minutes.

        (Your database software probably encrypts passwords one-way with a simple password() SQL function.)

        ... but if you'd really like to do it in Perl, I'd suggest either Digest::MD5 or Digest::SHA1 or something in that family.

        The next question you're about to ask, I imagine, is how do you un-encrypt a hash? You don't. You do something like this to compare passwords:

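        use Digest::MD5 qw(md5_hex);

        # user => [ salt, md5_hex("salt - password") ]
        my %passwd = (
            joe => ["I'maSalt", md5_hex("I'maSalt - secret")],
        );

        # Returns 1 if the salted hash of $pass matches the stored hash, else 0.
        sub login {
            my ($user, $pass) = @_;

            if( my $pa = $passwd{$user} ) {
                return 1 if md5_hex("$pa->[0] - $pass") eq $pa->[1];
            }

            return 0;
        }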

        -Paul

        The solution you mentioned above is working, but it gives me
        output of 70 to 90 characters from just a 10-character
        string. As I want to keep this output in a text file, I would
        prefer output of 7 to 10 characters. Please give me a solution.
Re: Crypt CBC
by jfroebe (Parson) on Jul 16, 2008 at 13:31 UTC

    The following works fine (make sure the data does NOT have a '0x' prefix)

    use Crypt::CBC;

    our $cipher = Crypt::CBC->new(
        -key    => 'lkasdjf34509340#@$JG',
        -cipher => 'Blowfish'
    );

    #==================================================
    sub encrypt;
    sub decrypt;
    #==================================================

    #-------------------
    # Returns the ciphertext as a hex string.
    sub encrypt {
        my $text = shift;
        my $ciphertext = $cipher->encrypt_hex($text);
        return $ciphertext;
    }

    #-------------------
    # Takes a hex string; pack("H*") converts all of it back to bytes.
    sub decrypt {
        my $ciphertext = shift;
        return($cipher->decrypt( pack("H*", $ciphertext) ));
    }

    Jason L. Froebe

    Blog, Tech Blog
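
The H16 truncation discussed in this thread, shown with core Perl only (an added example, not code from any poster). The output in the question, 53616c7465645f5f, is the ASCII string "Salted__": 16 hex digits cover just the 8-byte header, so the salt and all ciphertext were dropped before decryption. The sketch assumes the 'salt' header layout named in the error message ("Salted__", an 8-byte salt, then whole 8-byte Blowfish blocks); the message bytes and the inspect_hex helper are constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Assumed layout of a message in 'salt' header mode:
#   "Salted__" (8 bytes) . salt (8 bytes) . ciphertext (whole cipher blocks)
my $MAGIC      = 'Salted__';
my $SALT_LEN   = 8;
my $BLOCK_SIZE = 8;    # Blowfish block size in bytes

# Hypothetical helper: report whether a hex string can be a complete message.
sub inspect_hex {
    my ($hex) = @_;
    return { ok => 0, why => 'not an even-length hex string' }
        unless $hex =~ /\A(?:[0-9a-fA-F]{2})+\z/;
    my $raw = pack('H*', $hex);
    return { ok => 0, why => 'missing Salted__ header' }
        unless substr($raw, 0, length $MAGIC) eq $MAGIC;
    my $rest = length($raw) - length($MAGIC);
    return { ok => 0, why => "only $rest of $SALT_LEN salt bytes present" }
        if $rest < $SALT_LEN;
    my $body = $rest - $SALT_LEN;
    return { ok => 0, why => "ciphertext is $body bytes, not whole blocks" }
        if $body == 0 || $body % $BLOCK_SIZE;
    return { ok => 1, why => "salt present, $body ciphertext bytes" };
}

# Constructed sample, not real cipher output: header, salt, two fake blocks.
my $message = $MAGIC . "\x01\x23\x45\x67\x89\xab\xcd\xef" . ("\xaa" x 16);

my $truncated = unpack('H16', $message);   # 16 hex digits = first 8 bytes only
my $complete  = unpack('H*',  $message);   # every byte of the message

for my $case ([H16 => $truncated], ['H*' => $complete]) {
    my ($fmt, $hex) = @$case;
    my $r = inspect_hex($hex);
    printf "%-3s %2d bytes  %-8s (%s)\n", $fmt, length($hex) / 2,
        $r->{ok} ? 'usable' : 'unusable', $r->{why};
}
```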