Crypto++ Faq-O-Matic :
How do I use a block cipher in Crypto++ 4.x?
|Moderator: weidai (inherited from parent)|
|First you need to decide which block cipher and which cipher mode to use: CBC, CFB, OFB, or Counter Mode. (Check a crypto book if you don't understand the difference between them.) Using CBC is slightly different from using the other modes.|
Here's an example to encrypt with AES in CBC mode:
2001-Jan-11 11:15pm weidai
byte key, iv, plaintext; std::string ciphertext; // initialize key, iv, and plaintext here AESEncryption aesEncryption(key, 16); CBCPaddedEncryptor cbcEncryptor(aesEncryption, iv, new StringSink(ciphertext)); cbcEncryptor.Put(plaintext, 100); // input more plaintext here if needed cbcEncryptor.MessageEnd(); return ciphertext;2001-Jan-11 11:14pm weidai
|Here's an example to decrypt with AES in CBC mode, using a StringSource object as an alternative way to input the ciphertext instead of the Put() and MessageEnd() calls shown above:
2001-Apr-04 10:58am weidai
std::string decrypted; AESDecryption aesDecryption(key, 16); StringSource source(ciphertext, true, new CBCPaddedDecryptor(aesDecryption, iv, new StringSink(decrypted))); return decrypted;2001-Jul-22 9:02pm weidai
|CFB, OFB, and Counter Mode essentially turn a block cipher into a stream cipher. You create one of these mode objects like this: |
AESEncryption aesEncryption(key, 16); CFBEncryption cfbEncryption(aesEncryption, iv);and then use the mode object (cfbEncryption) the same way as a stream cipher:
cfbEncryption.ProcessString(plaintext, 100);Please note that a CFB, OFB, or Counter Mode (but not CBC) object should always be initialized with a block cipher encryption object, even if you want to use the mode for decryption:
AESEncryption aesEncryption(key, 16); // use the encryption object CFBDecryption cfbDecryption(aesEncryption, iv); // but the decryption modeIf you want to use the same Filter interface as shown above for CBC mode, there is a StreamCipherFilter class in filters.h that will create a Filter given a stream cipher object:
2001-Apr-04 10:55am weidai, alister
|You can also use block cyphers directly, i.e. ECB mode. Now, normally this is a bad idea, but as Bruce Schneier writes in _Applied_Cryptography_,
"For encrypting random data, such as other keys, ECB is a good mode to use. Since the data is short and random, none of the shortcomings of ECB matter for this application."
Here is an example using AES encryption in ECB mode, presuming you have a 128-bit key that you wish to encrypt. Note that this example works because the block size of the AES algorithm (128 bits) is identical to the size of the data we wish to encrypt. If you wish to encrypt data whose size is different than the block size, you will need to either write a BufferedTransformation that pads/breaks up the input, or do it "in-line" and repeatedly invoke ProcessBlock.
byte myKey, ecbKey, encryptedKey; // Populate myKey and ecbKey kere AESEncryption aesEncryption(ecbKey,16); // 128-bit ECB key aesEncryption.ProcessBlock(myKey,encryptedKey); // AES block size is identical in size to myKey and encryptedKey.
|he Crypto FAQ at http://www.math.umn.edu/~garrett/crypto/faq.html
describes the differences between EBC, CBC, PCBC, CFB, and OFB
in section 5.
2001-Dec-13 8:09pm alk
|[Append to This Answer]|
|Previous:||How do I use hex encoding and decoding?|
|Next:||How do I use a block cipher in Crypto++ 5.x?|