Blowfish Cipher Tutorials - Herong's Tutorial Examples - Version 1.21, by Dr. Herong Yang
Crypt::CFB Operation Simulation
A tutorial Perl example is provided to show how to use Crypt::Blowfish module to simulate the CFB operation mode. The simulation result does no match the result from the Crypt::CFB module, which has an incorrect code logic on calculating the block size.
In previous tutorials, we learned that Crypt::CFB uses 0x0000000000000000 as the default IV value, and does not do any padding. Now I want to verify its accuracy by compare its ciphertext with a CFB simulation process.
Here is my example Perl script, Crypt-CFB-Blowfish-Simulation.pl, that simulates the CFB operation by calling Crypt::Blowfish one block at time. It also verifies the ciphertext by calling the Crypt::CFB module directly.
#- Crypt-CFB-Blowfish-Simulation.pl
#- Copyright (c) 2015, HerongYang.com, All Rights Reserved.
#-
use Crypt::CFB;
use Crypt::Blowfish;
my ($keyHex, $ivHex, $plainHex) = @ARGV;
print("Crypt::CFB Blowfish Simulation - output in Hex:\n");
$keyHex = "0000000000000000" unless $keyHex;
$ivHex = "0000000000000000" unless $ivHex;
$plainHex = "0000000000000000" unless $plainHex;
$keyStr = pack("H*", $keyHex);
$ivStr = pack("H*", $ivHex);
$plainStr = pack("H*", $plainHex);
print(" Secret Key ($keyHex)\n");
print(" IV ($ivHex)\n");
print(" Plaintext ($plainHex)\n");
print("Creating Crypt::Blowfish Object ...\n");
$blowfish = new Crypt::Blowfish($keyStr);
$count = 0;
$cipherHexPrev = $ivHex;
while ($plainHex) {
$count++;
$plainHexBlock = substr($plainHex,0,16);
$plainHex = substr($plainHex,16);
print("Simulating CFB on block $count...\n");
print(" Prev ciphertext ($cipherHexPrev)\n");
print(" Plaintext ($plainHexBlock)\n");
$cipherStrPrev = pack("H*", $cipherHexPrev);
$plainStrBlock = pack("H*", $plainHexBlock);
$tempStrBlock = $blowfish->encrypt($cipherStrPrev);
$tempHexBlock = unpack("H*", $tempStrBlock);
print(" Temp Ciphertext ($tempHexBlock)\n");
$cipherStrBlock = $tempStrBlock ^ $plainStrBlock;
$cipherHexBlock = unpack("H*", $cipherStrBlock);
print(" Ciphertext ($cipherHexBlock)\n");
$cipherHexPrev = $cipherHexBlock;
}
print("Creating Crypt::CFB Object ...\n");
$cipher = Crypt::CFB->new($keyStr, 'Crypt::Blowfish', $ivStr);
print("Encrypting entire plaintext with Crypt::CFB...\n");
$cipherStr = $cipher->encrypt($plainStr);
$cipherHex = unpack("H*", $cipherStr);
print(" Ciphertext ($cipherHex)\n");
When running this example script with a simple set of inputs, I got this output:
C:\herong>perl Crypt-CFB-Blowfish-Simulation.pl 0000000000000000 0000000000000000 0000000000000000 Crypt::CFB Blowfish Simulation - output in Hex: Secret Key (0000000000000000) IV (0000000000000000) Plaintext (0000000000000000) Creating Crypt::Blowfish Object ... Simulating CFB on block 1... Prev ciphertext (0000000000000000) Plaintext (0000000000000000) Temp Ciphertext (4ef997456198dd78) Ciphertext (4ef997456198dd78) Creating Crypt::CFB Object ... Encrypting entire plaintext with Crypt::CFB... Ciphertext (7822d975f85d126d)
As you can see from the output, we have a problem here. The ciphertext generated from my CFB simulation process does not match with the Crypt::CFB module.
If we double check the ciphertext result from my simulation process, the result 0x4ef997456198dd78 is correct. You can use the following steps to verify:
C[1] = P[1] XOR E(K, IV) : Based on CFB algorithm
= P[1] XOR 0x4ef997456198dd78 : Based on Test Vector table
= 0x0000000000000000 XOR 0x4ef997456198dd78
= 0x4ef997456198dd78
I think that the Crypt::CFB module has a problem with the Crypt::Blowfish module. What do you think?
I looked at the Crypt::CFB source code as C:\local\Perl\site\lib\Crypt\CFB.pm and noticed that it has incorrect logic for determining the block size of the Crypt::Blowfish module. The source code is using block size of 1 byte and it should be 8 bytes.
Conclusion: Crypt::CFB gives incorrect result for Blowfish encryption operations.
Last update: 2015.
Table of Contents
Installing Crypt::CFB 0.02 with ActivePerl
Crypt::CFB Not Requiring Padding
►Crypt::CFB Operation Simulation
OpenSSL "enc -bf-ecb" for Blowfish/ECB Encryption
OpenSSL "enc -bf-cbc" for Blowfish/CBC Encryption
OpenSSL "enc -bf-cfb" for Blowfish/CFB Encryption