
Crypto. I've seen some horrible RC4 thrown around and heard of 3DES also being used, but luckily I didn't lay my eyes upon it.
Now to my current crypto adventure.
Rule no. 1: Never roll your own crypto.
They said.
So let's encrypt a file for upload. OK, there doesn't seem to be a clear standard, but y'know, combine an asymmetric cipher to encrypt the key with a symmetric one. Should be easy. Take RSA and whatnot from some libraries. But let's obfuscate it a bit so nobody can reuse it.

Until today I thought the crypto was alright, but then there was something off. On two layers there were added hashes, timestamps or length fields, which enlarge the data to encrypt. Now it doesn't add up any more: through padding and hash verification, RSA from OpenSSL throws an error because the data is too long (about 240 bytes possible, but 264 pumped in). Probably the lib used just didn't notify, silently truncating stuff or resorting to other means. Still needs investigation.

But apart from that: why the fuck add their own hash verification, with weak non-cryptographic hashes (!), if the chosen RSA variant already has that with SHA-256? Why this sick generation of key material with some MD5 artistic stunts? Is there no cryptographically safe random source on Windows? Why directly pump some structs (with no padding and magic numbers) into the file? Just so it's a bit more fucked up?
Thanks, that worked.

Comments
  • 2
    Looks like whoever implemented it did not actually know enough about crypto to use the libraries in a sane manner.

    In general, you don't roll your own encryption and hashing algorithms, but you're almost always rolling your own uses of them for your application's needs.
  • 1
    There are sane libraries: GPG and NaCl, available for nearly all platforms. They abstract away a lot, but for good.
  • 1
    @sbiewald saw GPG recommended for file encryption, and am a Bernstein fanboy..., but got sucked into the old stuff that will be supported & used anyway.
    (also just waiting to sneak in some postquantum algo or zero knowledge protocol - just to annoy the dev after me😄)