Encryption and decryption
-
Can someone summarize the process going on ..what is mKey and mIV .... I'm not from IT background ....so problem in understanding
Sandy
The Key is the actual data that will be used to encrypt or decrypt the whole message. Think of it as the "Password" to the message. The IV is a set of random numbers used as a "salt" to start the encryption process. If all your messages start the same way, then if you know the start of one message, it is easier for you to work out the key for a different message - because you know some of the data that made it up. The IV prevents that happening by providing a set of random numbers to start the encryption process, which vary from message to message. That is why they are transmitted in clear, normally as a block of bytes at the front of the message. Knowing the IV values gives you nothing if you are trying to hack the message - it is normally XORed with the first block of data before encryption so it becomes less readable. Subsequent blocks of data use the output from the first block to generate the IV for the second, and so forth. If you are feeling particularly paranoid, then just prefix your actual data with a block full of random rubbish, so that by the time the encryptor gets to any duplicated data it has already mangled the IV to death...:laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
The Key is the actual data that will be used to encrypt or decrypt the whole message. Think of it as the "Password" to the message. The IV is a set of random numbers used as a "salt" to start the encryption process. If all your messages start the same way, then if you know the start of one message, it is easier for you to work out the key for a different message - because you know some of the data that made it up. The IV prevents that happening by providing a set of random numbers to start the encryption process, which vary from message to message. That is why they are transmitted in clear, normally as a block of bytes at the front of the message. Knowing the IV values gives you nothing if you are trying to hack the message - it is normally XORed with the first block of data before encryption so it becomes less readable. Subsequent blocks of data use the output from the first block to generate the IV for the second, and so forth. If you are feeling particularly paranoid, then just prefix your actual data with a block full of random rubbish, so that by the time the encryptor gets to any duplicated data it has already mangled the IV to death...:laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
Thanx for your explination and can i know where this information is available (like text books...) Because i want to know that in detail.
Sorry, but I can't help you there! It's been so long since I learnt this stuff that I have no chance of remembering which text books I used...:laugh: The best guess I can offer is that it is accrued from a multitude of textbooks, plus the internet, plus experience! Not very helpful, I know... :-D
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
Sorry, but I can't help you there! It's been so long since I learnt this stuff that I have no chance of remembering which text books I used...:laugh: The best guess I can offer is that it is accrued from a multitude of textbooks, plus the internet, plus experience! Not very helpful, I know... :-D
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
The Key is the actual data that will be used to encrypt or decrypt the whole message. Think of it as the "Password" to the message. The IV is a set of random numbers used as a "salt" to start the encryption process. If all your messages start the same way, then if you know the start of one message, it is easier for you to work out the key for a different message - because you know some of the data that made it up. The IV prevents that happening by providing a set of random numbers to start the encryption process, which vary from message to message. That is why they are transmitted in clear, normally as a block of bytes at the front of the message. Knowing the IV values gives you nothing if you are trying to hack the message - it is normally XORed with the first block of data before encryption so it becomes less readable. Subsequent blocks of data use the output from the first block to generate the IV for the second, and so forth. If you are feeling particularly paranoid, then just prefix your actual data with a block full of random rubbish, so that by the time the encryptor gets to any duplicated data it has already mangled the IV to death...:laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
Nice explanation! :-D
When I was a coder, we worked on algorithms. Today, we memorize APIs for countless libraries — those libraries have the algorithms - Eric Allman
-
Nice explanation! :-D
When I was a coder, we worked on algorithms. Today, we memorize APIs for countless libraries — those libraries have the algorithms - Eric Allman
Thank you!
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
Thanx for your explination and can i know where this information is available (like text books...) Because i want to know that in detail.
Schneier's stuff is generally regarded as the best around. Applied Cryptography (https://www.schneier.com/book-applied.html[^]) is probably the best you're going to find on the subject. The book itself is a little dated, but it's still a very, very good reference, and the majority of the topics are still relevant today. It's a very technical, and requires a working knowledge of C and some advanced mathematics. He's got some other less technical books as well on the subject of cryptography - Practical Cryptography is decent if you don't want to know the inner workings, but want to know how to effectively select correct algorithms and implement cryptography. I haven't read Cryptography Engineering yet, it's supposed to be a second edition of Practical Cryptography. I'm not sure if it gets as technically detailed as Applied. A list of his books are at https://www.schneier.com/books.html[^]
