AES is a block cipher, in the 128-bit case it only takes 16 bytes at a time. To encrypt more than 16 bytes, you might need a way of chaining the blocks together. You can choose not to do that, and equal input blocks will result in equal output blocks (ECB mode), which gives hints about the data . Look at https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation , look for the penguin in ECB mode, that's your problem. You can also decide to XOR each input block with the previous cipher block (CBC mode) before encrypting. You can also keep a counter and think of a number you're only going to use once, then encrypt the number and counter and XOR blocks of input data with the resulting 16 byte value (Counter mode).
ECB is weak and shit both when encrypting all of it or lines at a time. CBC needs a way to initialize the first block, an initialization vector (IV). If you encrypt individual lines, take care that you're not using the same IV twice, or else you can do some analysis on that shit. Counter mode needs a number used once (called a nonce). Never use that twice: you'll generate the same blocks (called the keystream) you XOR your data with, differential attacks become possible.
I'd encrypt the whole file in one go: you don't have the repeated key problems that CBC and counter mode give you.
>>7640410 >>7640406 According to http://docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html#SimpleEncrEx , if you don't provide an operation mode in Cipher.getInstance, it probably defaults to ECB mode. If the file has repeating parts, these will show up in the encrypted output. Consider specifying the block (and padding) mode as well by calling Cipher.getInstance("AES/CTR/PKCS5Padding");
How to break it is trivial: Look for repeated lines, such a like in text is likely to be just '\n' Now xor that repeated encrypted line with '\n' and then xor that with every line Congratulations you've just decrypted the whole file QED
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.
If a post contains personal/copyrighted/illegal content you can contact me at email@example.com with that post and thread number and it will be removed as soon as possible.