AES-192-ECB encrypted in node.js crypto and decrypt in java

Question

I give up in trying to research for solutions regarding my problem. I've done my part and search about this problem and encountered solutions (like this https://stackoverflow.com/a/21252990/5328303) which was really the same problem as mine but he is using aes-128-ecb.

I cannot get the solution to work for aes-192-ecb mode.

Here's the node.js part (take note I cannot change this part of the code since this is a third party provider and I'm very limited.)

console.log(encrypt("hello world"))

function encrypt(data) {
  const aesKey = '4327601417486622'
  const algorithm = 'aes-192-ecb'
  const cipher = crypto.createCipher(algorithm, aesKey)
  const crypted = cipher.update(data, 'utf-8', "hex") + cipher.final("hex")
  return crypted
}
// expected: 066c47b162cd5c464ea9805742c1af9b

And here's my Java function:

public static String decrypt(String seed, String encrypted) throws Exception {
    byte[] keyb = seed.getBytes("UTF-8");
    MessageDigest md = MessageDigest.getInstance("MD5");
    byte[] thedigest = md.digest(keyb);
    SecretKeySpec skey = new SecretKeySpec(thedigest, "AES");
    Cipher dcipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
    dcipher.init(Cipher.DECRYPT_MODE, skey);

    byte[] clearbyte = dcipher.doFinal(toByte(encrypted));
    return new String(clearbyte);
}

The java code above works well if I use aes-128-ecb on my node code but it cannot decode when I'm using aes-192-ecb or even aes-256-ecb.

Maybe I just don't quite understand openssl EVP_BytesToKey function since I read that crypto.createCipher() uses it when encrypting. It also said that it is hashing the key with MD5 which I'm currently doing with the java code.

Also I was thinking that the aesKey that I have is only 16 bytes and maybe that's why it won't work with AES-192 and only works with AES-128. I want to understand how openssl/crypto does it when I'm only passing a 16 byte key with the required 24 bytes key for AES-192 since I cannot change the node.js code.

Am I on the right track? Can anyone guide me?

Thank you!

I'm relatively sure that, even though you specify AES-192, AES-128 is being used due to your key length. Try right padding the key with 0's e.g. not as a string, as a buffer. — Luke Joshua Park, Jun 09 '19 at 21:04
Yes, the [`crypto#createCipher`](https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password_options)-method in the Nodejs-code uses `EVP_BytesToKey` to generate the key. Therefore, in the `decrypt`-method of the Java-code, the key must also be generated with `EVP_BytesToKey` so that the same key is created for any key size (and not only for 16 bytes). A Java-implementation of `EVP_BytesToKey` can be found [here](https://stackoverflow.com/a/11786924/9014097). The parameters to be used are described in the doc of `crypto#createCipher`: MD5, 1 iteration, no salt. — Topaco, Jun 09 '19 at 21:43
@PresidentJamesK.Polk in my case we need to encrypt a lot of values (hundreds of millions) so need to find the balance between security and CPU utilization. AES 192 has been shown to use the least CPU between 128, 192 and 256 bits and has sufficient security for us, so I would like to explicitly use 192. — Uncle Long Hair, Jun 25 '20 at 14:24
@UncleLongHair: I've never heard of an implementation of AES for which AES-192 is faster than AES-128. AES-192 is the least supported of the AES keysizes, so it will be the least portable choice. — President James K. Polk, Jun 25 '20 at 14:38
@PresidentJamesK.Polk https://ieeexplore.ieee.org/document/8720983 "AES 192 bit requires the lowest CPU usage compared with the other two AES algorithms" — Uncle Long Hair, Jun 25 '20 at 14:42
@UncleLongHair: Only the abstract is accessible, and the claim is at least surprising if not unlikely. AES-192 uses 2 more rounds than AES-128. `openssl speed aes` shows that AES-192 is slower by the expected amount. — President James K. Polk, Jun 25 '20 at 14:51

AES-192-ECB encrypted in node.js crypto and decrypt in java

0 Answers0