13

I'm trying to encrypt something using crypto-js and using the AES type of encryption.

The problem i'm having is that my encrypted value is different every time I encrypt it.

With this simple example, I run the same encryption 5 different times and I get 5 different results. Wtf is going on here?

task.js

var AES = require('crypto-js/aes');
var key = "abc123";
var secret = "encryptThisWord";

console.log(AES.encrypt(secret, key).toString());
console.log(AES.encrypt(secret, key).toString());
console.log(AES.encrypt(secret, key).toString());
console.log(AES.encrypt(secret, key).toString());
console.log(AES.encrypt(secret, key).toString());

enter image description here

Catfish
  • 18,876
  • 54
  • 209
  • 353

3 Answers3

15

Check the contents of AES.encrypt(secret, key) - it is an object with a number of fields, iv and salt of particular interest (jsFiddle).

Each time you run the AES.encrypt crypto-js chooses new IV and new salt (you can supply your own values, by the way). Random IV means that output will be different even with the same key, and random salt means that the actual encryption key is different too, because it is derived from the the passphrase and salt.

You may (actually, should) ask why the first ten Base64 output characters are the same when both the encryption key and IV are different? That is because calling toString() on the ecnryption result converts it into "OpenSSL-compatible string", which is basically Base64("Salted__" + salt + ciphertext), where "Salted__" is the constant prefix which, of course, leads the same prefix in the Base64 output.

Oleg Estekhin
  • 8,063
  • 5
  • 49
  • 52
1

I faced the same issue. This is simply due to us not knowing the working of algorithm. Simply put, the key and IV are different for each call of the encrypt method, as mentioned in the above answer.

To ensure the exact same value for each iteration - you can refer to this answer https://stackoverflow.com/a/47096284/4098272

Alternatively, you can use the SHA3 function and compare the two Hash values.

Jonathan Cardoz
  • 874
  • 9
  • 12
0

I found the prolem the follow code have the example

var message = "Data to be encrypted";
var password = "H02u72V6fznKpcvP9ARHFqkQRlGP9om8";


function encrypt (msg, pass) {
  
  
        const key = pass;
        const keyutf = CryptoJS.enc.Utf8.parse(key);
        const iv = CryptoJS.enc.Utf8.parse('678025308de70905');
        const enc = CryptoJS.AES.encrypt(msg, keyutf, { iv: iv });
        const encStr = enc.toString();

  var transitmessage = enc.toString();
  return transitmessage;
}

function decrypt (transitmessage, pass) {
  const keyutf = CryptoJS.enc.Utf8.parse(pass);
  const iv = CryptoJS.enc.Utf8.parse('678025308de70905');
const dec = CryptoJS.AES.decrypt(
            { ciphertext: CryptoJS.enc.Base64.parse(transitmessage) },
            keyutf,
            {
                iv: iv
            });
        const decStr = CryptoJS.enc.Utf8.stringify(dec)
        console.log('decStr', decStr);
  return decStr;
}

var encrypted = encrypt(message, password);
var decrypted = decrypt(encrypted, password);
Ricardo Parra
  • 1
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Apr 25 '23 at 09:11