Crypt::CBC Encryption with Random Salt

A tutorial Perl example is provided to show how to use Crypt::CBC to perform encryption with a passphrase only. Crypt::CBC will take a random salt and derive the secret key and the IV.

Now it's time to look at the forth option, Random Salt, which allows us to specify a passphrase only to the Crypt::CBC module, then ask the module to take a random salt and derive the secret key and the IV.

According to the Crypt::CBC manual page, we need to provide the following parameters when calling the new() method to use the Random Salt option:

To help us understand the Random Salt option, I wrote the following example Perl script, Crypt-CBC-Blowfish-Random-Salt.pl:

#- Crypt-CBC-Blowfish-Random-Salt.pl
#- Copyright (c) 2015, HerongYang.com, All Rights Reserved.
#-
   use Crypt::CBC;
   $algorithm = "Blowfish";
   my ($passHex, $plainHex) = @ARGV;

   print("Crypt::CBC Random Salt - output in Hex:\n");
   $passHex = "1122334455667788" unless $passHex;
   $plainHex = "0123456789abcdef" unless $plainHex;
   $passStr = pack("H*", $passHex);
   $plainStr = pack("H*", $plainHex);
   print("   Passphrase      ($passHex)\n");
   print("   Plaintext       ($plainHex)\n");
      
   print("Creating Crypt::CBC with Passphrase...\n");
   $cipher = Crypt::CBC->new( 
      -cipher => $algorithm,
      -key => $passStr,
      -salt => '1',
      -header => 'salt',
      -padding => 'none'
      );

   print("Encrypting plaintext...\n");
   $cipherStr = $cipher->encrypt($plainStr);
   $cipherHex = unpack("H*", $cipherStr);
   print("   Cipher Output   ($cipherHex)\n");

   $headerNameHex = substr($cipherHex,0,16);
   $headerValueHex = substr($cipherHex,16,16);
   $realCipherHex = substr($cipherHex,32);
   print("   Header Name     ($headerNameHex)\n");
   print("   Header Value    ($headerValueHex)\n");
   print("   Ciphertext      ($realCipherHex)\n");

   print("Decrypting ciphertext...\n");
   $decryptStr = $cipher->decrypt($cipherStr);
   $decryptHex = unpack("H*", $decryptStr);
   print("   Decrypted text  ($decryptHex)\n");

   $passStr = $cipher->passphrase();
   $passHex = unpack("H*", $passStr);
   print("   Pass Phrase     ($passHex)\n");

   $saltStr = $cipher->salt();
   $saltHex = unpack("H*", $saltStr);
   print("   Salt            ($saltHex)\n");

   $ivStr = $cipher->iv();
   $ivHex = unpack("H*", $ivStr);
   print("   IV              ($ivHex)\n");

If we execute the example script 2 times with the same passphrase and the same plaintext, we will get something like:

C:\herong>perl Crypt-CBC-Blowfish-Random-Salt.pl 
   1122334455667788 0123456789abcdef
Crypt::CBC Random Salt - output in Hex:
   Passphrase      (1122334455667788)
   Plaintext       (0123456789abcdef)
Creating Crypt::CBC with Passphrase...
Encrypting plaintext...
   Cipher Output   (53616c7465645f5f85ff52dbf07c5c025dec7bfaad76c6c7)
   Header Name     (53616c7465645f5f)
   Header Value    (85ff52dbf07c5c02)
   Ciphertext      (5dec7bfaad76c6c7)
Decrypting ciphertext...
   Decrypted text  (0123456789abcdef)
   Pass Phrase     (1122334455667788)
   Salt            (85ff52dbf07c5c02)
   IV              (f8d3bece3ee417cd)

C:\herong>perl Crypt-CBC-Blowfish-Random-Salt.pl 
   1122334455667788 0123456789abcdef
Crypt::CBC Random Salt - output in Hex:
   Passphrase      (1122334455667788)
   Plaintext       (0123456789abcdef)
Creating Crypt::CBC with Passphrase...
Encrypting plaintext...
   Cipher Output   (53616c7465645f5f307ca823a5ef32dcd92f812e84c5eef4)
   Header Name     (53616c7465645f5f)
   Header Value    (307ca823a5ef32dc)
   Ciphertext      (d92f812e84c5eef4)
Decrypting ciphertext...
   Decrypted text  (0123456789abcdef)
   Pass Phrase     (1122334455667788)
   Salt            (307ca823a5ef32dc)
   IV              (babfdf4f9fc34aae)

The output shows that our understanding is correct.

Last update: 2015.

Table of Contents

 About This Book

 Blowfish Cipher Algorithm

 Perl Crypt::Blowfish Module

 Perl Crypt::ECB Perl Module

Perl Crypt::CBC Module

 What is Crypt::CBC?

 Installing Crypt::CBC 2.33 with ActivePerl

 Crypt::CBC Encryption with Literal Keys

 Crypt::CBC Literal Key Error Cases

 Crypt::CBC Encryption with Crypt::Blowfish Objects

 Crypt::CBC Operation Simulation

 Crypt::CBC Encryption Verification

 Blowfish CBC 2-Block Test Vectors

 Crypt::CBC Prepending IV to Ciphertext

 Crypt::CBC Encryption with Salted Keys

 Crypt::CBC Salted Key Test Cases

 Crypt::CBC Secret Key and IV Algorithm

Crypt::CBC Encryption with Random Salt

 Crypt::CBC Padding Options

 Crypt::CBC Padding Option Tests

 Crypt::CBC Blowfish Encryption Summary

 Perl Crypt::CFB Perl Module

 OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption

 OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption

 OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption

 OpenSSL "enc -bf-ofb" for Blowfish/OFB Encryption

 References

 PDF Printing Version