0

i have a string that is encrypted from c# with this method : 

public static string KEY = "81736529";
public  string EncryptString(string stringToEncrypt,string keyStr)
{
    byte[] key = { };

    byte[] IV = { 0x01, 0x12, 0x23, 0x34, 0x45, 0x56, 0x67, 0x78 };
    try
    {
        key = Encoding.UTF8.GetBytes(keyStr);
        DESCryptoServiceProvider desProvidr = new
        DESCryptoServiceProvider();
        byte[] inputByteArray = Encoding.UTF8.GetBytes(stringToEncrypt);
        MemoryStream ms = new MemoryStream();
        CryptoStream csstreamdata = new CryptoStream(ms,
        desProvidr.CreateEncryptor(key, IV), CryptoStreamMode.Write);
        csstreamdata.Write(inputByteArray, 0, inputByteArray.Length);
        csstreamdata.FlushFinalBlock();
        return Convert.ToBase64String(ms.ToArray());
    }
    catch (Exception ex)
    {
        throw ex;
    }
}

i'm trying to make a decryption to this string by using several types of methods in PHP but unfortunately it didn't works !! here is my code in php 

    $key = "81736529";
$data = "Ntl1xIjA1k3zn+uRxw8s+w==";

$ivSize = 8;
$iv = "1 18 35 52 69 86 103 120";
$data = substr ($data,0, 8);
$decrypted = rtrim(mcrypt_decrypt(MCRYPT_CRYPT, $key, $data, MCRYPT_MODE_CBC,$iv));

echo $decrypted;
user1139589
  • 5
  • 1
  • 7
  • Why this: `$data = substr ($data,0, 8);`? This will invalidate your data. – KIKO Software Mar 19 '17 at 10:42
  • @KIKOSoftware i just remove it and nothing happened – user1139589 Mar 19 '17 at 10:47
  • 3
    I didn't say it would suddenly work, just that with that piece of code it certainly cannot work. – KIKO Software Mar 19 '17 at 10:49
  • sorry for misunderstanding, i got you. – user1139589 Mar 19 '17 at 10:51
  • It is best not to use mcrypt, it is abandonware, has not been updated in years and does not support standard PKCS#7 (née PKCS#5) padding, only non-standard null padding that can't even be used with binary data. mcrypt has many outstanding [bugs](https://sourceforge.net/p/mcrypt/bugs/) dating back to 2003. Instead consider using [defuse](https://github.com/defuse/php-encryption) or [RNCryptor](https://github.com/RNCryptor), they provide a complete solution and are being maintained and is correct. – zaph Mar 19 '17 at 12:21
  • Do not use DES, it is not secure and has been supersede by AES, the Advanced Encryption Standard. – zaph Mar 19 '17 at 12:24

1 Answers1

0

You have four problems:

  • Your IV encoding is wrong. Use something like:

    $iv = "\x01\x12\x23\x34\x45\x56\x67\x78";

    or 

    $iv = hex2bin("0112233445566778");

  • Implement proper PKCS#5 padding. The block size for DES and Triple DES is 8 byte and for AES it is 16 byte.

  • $data = substr ($data,0, 8); breaks your ciphertext. Since your ciphertext is Base64-encoded, you have to decode it first:

    $data = base64_decode($data);

  • You need to use MCRYPT_DES instead of MCRYPT_CRYPT.

Putting it together:

$iv = hex2bin("0112233445566778");
$key = "81736529";
$data = "Ntl1xIjA1k3zn+uRxw8s+w==";

$data = base64_decode($data);
$decrypted = pkcs7unpad(mcrypt_decrypt(MCRYPT_DES, $key, $data, MCRYPT_MODE_CBC, $iv), 8);

echo $decrypted;

Security considerations:

  • Keys are supposed to be chosen randomly from the whole range of bytes. If you only use numbers, you make your key brute-forceable within seconds. Each byte in a key should be from the range 0x00 - 0xFF (0 - 255) and not from 0x30 - 0x39 ("0" - "9"). Look into an ASCII table for more.

  • Don't use DES nowadays. It only provides 56 bit of security. AES would be a much better, because it's more secure with the lowest key size of 128 bit. There is also a practical limit on the maximum ciphertext size with DES. See Security comparison of 3DES and AES.

  • The IV must be unpredictable (read: random). Don't use a static IV, because that makes the cipher deterministic and therefore not semantically secure. An attacker who observes ciphertexts can determine when the same message prefix was sent before. The IV is not secret, so you can send it along with the ciphertext. Usually, it is simply prepended to the ciphertext and sliced off before decryption.

Community
  • 1
  • 1
Artjom B.
  • 61,146
  • 24
  • 125
  • 222