(Answer) (Category) Crypto++ Faq-O-Matic :
How do I use a block cipher in Crypto++ 4.x?
Moderator: weidai (inherited from parent)
First you need to decide which block cipher and which cipher mode to use: CBC, CFB, OFB, or Counter Mode. (Check a crypto book if you don't understand the difference between them.) Using CBC is slightly different from using the other modes.
Here's an example to encrypt with AES in CBC mode:
2001-Jan-11 11:15pm weidai
byte key[16], iv[16], plaintext[100];
std::string ciphertext;
// initialize key, iv, and plaintext here
AESEncryption aesEncryption(key, 16);
CBCPaddedEncryptor cbcEncryptor(aesEncryption, iv, new StringSink(ciphertext));
cbcEncryptor.Put(plaintext, 100);
// input more plaintext here if needed
cbcEncryptor.MessageEnd();
return ciphertext;
2001-Jan-11 11:14pm weidai
Here's an example to decrypt with AES in CBC mode, using a StringSource object as an alternative way to input the ciphertext instead of the Put() and MessageEnd() calls shown above:
2001-Apr-04 10:58am weidai
std::string decrypted;
AESDecryption aesDecryption(key, 16);
StringSource source(ciphertext, true,
        new CBCPaddedDecryptor(aesDecryption, iv, new StringSink(decrypted)));
return decrypted;
2001-Jul-22 9:02pm weidai
CFB, OFB, and Counter Mode essentially turn a block cipher into a stream cipher. You create one of these mode objects like this:
        AESEncryption aesEncryption(key, 16);
        CFBEncryption cfbEncryption(aesEncryption, iv);
and then use the mode object (cfbEncryption) the same way as a stream cipher:
        cfbEncryption.ProcessString(plaintext, 100);
Please note that a CFB, OFB, or Counter Mode (but not CBC) object should always be initialized with a block cipher encryption object, even if you want to use the mode for decryption:
        AESEncryption aesEncryption(key, 16);            // use the encryption object
        CFBDecryption cfbDecryption(aesEncryption, iv);  // but the decryption mode
cfbDecryption.ProcessString(plaintext, 100); // back to plaintext
If you want to use the same Filter interface as shown above for CBC mode, there is a StreamCipherFilter class in filters.h that will create a Filter given a stream cipher object:
        StreamCipherFilter cfbEncryptor(cfbEncryption);

2001-Apr-04 10:55am weidai, alister
You can also use block cyphers directly, i.e. ECB mode. Now, normally this is a bad idea, but as Bruce Schneier writes in _Applied_Cryptography_,

     "For encrypting random data, such as other keys, ECB is a good mode to use.
      Since the data is short and random, none of the shortcomings of ECB
      matter for this application."

Here is an example using AES encryption in ECB mode, presuming you have a 128-bit key that you wish to encrypt. Note that this example works because the block size of the AES algorithm (128 bits) is identical to the size of the data we wish to encrypt. If you wish to encrypt data whose size is different than the block size, you will need to either write a BufferedTransformation that pads/breaks up the input, or do it "in-line" and repeatedly invoke ProcessBlock.

    byte myKey[16], ecbKey[16], encryptedKey[16];
    // Populate myKey and ecbKey kere
    AESEncryption aesEncryption(ecbKey,16); // 128-bit ECB key
    aesEncryption.ProcessBlock(myKey,encryptedKey); // AES block size is identical in size to myKey and encryptedKey.


2001-Jul-03 3:09pm koan

he Crypto FAQ at http://www.math.umn.edu/~garrett/crypto/faq.html describes the differences between EBC, CBC, PCBC, CFB, and OFB in section 5.
2001-Dec-13 8:09pm alk
[Append to This Answer]
2006-Dec-11 10:52pm
Previous: (Answer) How do I use hex encoding and decoding?
Next: (Answer) How do I use a block cipher in Crypto++ 5.x?
This document is: http://www.cryptopp.com/cgi-bin/fom.cgi?file=42
[Search] [Appearance] [Show Expert Edit Commands]
This is a Faq-O-Matic 2.721.
This FAQ is administered by Wei Dai.