Compute the AES-encryption key given the plaintext and its ciphertext?
Posted
by
Null Pointers etc.
on Programmers
See other posts from Programmers
or by Null Pointers etc.
Published on 2011-03-11T01:17:07Z
Indexed on
2011/03/11
8:18 UTC
Read the original article
Hit count: 308
database
|encryption
I'm tasked with creating database tables in Oracle which contain encrypted strings (i.e., the columns are RAW). The strings are encrypted by the application (using AES, 128-bit key) and stored in Oracle, then later retrieved from Oracle and decrypted (i.e., Oracle itself never sees the unencrypted strings).
I've come across this one column that will be one of two strings. I'm worried that someone will notice and presumably figure out what those two values to figure out the AES key.
For example, if someone sees that the column is either Ciphertext #1 or #2:
- Ciphertext #1:
- BF,4F,8B,FE, 60,D8,33,56, 1B,F2,35,72, 49,20,DE,C6.
- Ciphertext #2:
- BC,E8,54,BD, F4,B3,36,3B, DD,70,76,45, 29,28,50,07.
and knows the corresponding Plaintexts:
- Plaintext #1 ("Detroit"):
- 44,00,65,00, 74,00,72,00, 6F,00,69,00, 74,00,00,00.
- Plaintext #2 ("Chicago"):
- 43,00,68,00, 69,00,63,00, 61,00,67,00, 6F,00,00,00.
can he deduce that the encryption key is "Buffalo"?
- 42,00,75,00, 66,00,66,00, 61,00,6C,00, 6F,00,00,00.
I'm thinking that there should be only one 128-bit key that could convert Plaintext #1 to Ciphertext #1. Does this mean I should go to a 192-bit or 256-bit key instead, or find some other solution?
(As an aside, here are two other ciphertexts for the same plaintexts but with a different key.)
- Ciphertext #1 A ("Detroit"):
- E4,28,29,E3, 6E,C2,64,FA, A1,F4,F4,96, FC,18,4A,C5.
- Ciphertext #2 A ("Chicago"):
- EA,87,30,F0, AC,44,5D,ED, FD,EB,A8,79, 83,59,53,B7.
© Programmers or respective owner