Encrypt binary data with aes-ecb on node.js

5
votes

I try to do crypto on node.js but badly I fail to have the same result than online sites.

I want to encrypt some binary data with a binary key. I use the tutorial on nodejs site but I have a different result from my reference data set. My reference data set is validated with java code, with C code and with two online site : http://aes.online-domain-tools.com/ and https://www.hanewin.net/encrypt/aes/aes-test.htm

Have you an idea how to encrypt the same way that those sites? I guess it can be the padding?

Thanks in advance. François

My reference data set :

    key=8CBDEC62EB4DCA778F842B02503011B2
    src=0002123401010100000000000000c631
    encrypted=3edde3f1368328a1a37cf596bc8d4a7c

My code :

    var key = new Buffer('8CBDEC62EB4DCA778F842B02503011B2', 'hex')
    var src = new Buffer('0002123401010100000000000000c631', 'hex')
    cipher = crypto.createCipher("aes-128-ecb", key)
    result = cipher.update(src).toString('hex');
    result += cipher.final().toString('hex');
    "result   : " + result

Output :

    result   : 4da42b57b99320067979086700651050e972f1febd1d506e5c90d3b5d3bc9424
1
node.jsencryptionaesecb
Change crypto.createCipher to crypto.createCipheriv and pass an empty IV (""). Also, you might want to disable padding. - Artjom B.
Never use ECB mode. It's deterministic and therefore not semantically secure. You should at the very least use a randomized mode like CBC or CTR. It is better to authenticate your ciphertexts so that attacks like a padding oracle attack are not possible. This can be done with authenticated modes like GCM or EAX, or with an encrypt-then-MAC scheme. - Artjom B.
@ArtjomB. There are instances where ECB mode is acceptable. A typical example is a random session code that is encrypted. There are very specific requirements as 'sufficient' entropy on input. The example data above is a single 128-bit block. - Matt
@Matt If you can design and crypto analyze a mode of operation then you can likely assess whether ECB is secure enough for your specific use case. If you're talking about encrypting a session code then I would say that only encryption doesn't make sense in that case. Instead, use transport layer security possibly along with a cryptographic signature of the session code along with a signed timestamp. - Artjom B.
@ArtjomB. There are various implementations and different requirements. There are specific implementations where ECB is sufficient. The bold comment 'Never use ECB' is misleading. I will not comment on the 'sense' part of the session key example as I don't believe you have enough details to draw a conclusion. - Matt

1 Answers

9
votes

Thank you Artjom B.

I post hereunder the fixed code :

var key = new Buffer('8CBDEC62EB4DCA778F842B02503011B2', 'hex')
var src = new Buffer('0002123401010100000000000000c631', 'hex')
cipher = crypto.createCipheriv("aes-128-ecb", key, '')
cipher.setAutoPadding(false)
result = cipher.update(src).toString('hex');
result += cipher.final().toString('hex');
"result   : " + result

To decrypt, do the same :

var key = new Buffer('8CBDEC62EB4DCA778F842B02503011B2', 'hex')
var encrypted = new Buffer('3edde3f1368328a1a37cf596bc8d4a7c', 'hex')
decipher = crypto.createDecipheriv("aes-128-ecb", key, '')
decipher.setAutoPadding(false)
result = decipher.update(encrypted).toString('hex');
result += decipher.final().toString('hex');
"result   : " + result

Thanks, i am sincerely grateful. Regards, François