on3_person wrote:
> It seems like a basic question to me at least. When using any method of
> encryption and you're going to decrypt something, how does the
encryption
> method know that you've got the right password/key? Is there something
> stored within the file, that when you enter your key it says "yes, that
is
> correct"? If you're given an encrypted statement and told to decrypt
it,
> how do you know you've done it correctly unless you're told that it is
> correct(assuming it's not plain text and extremely visible)?
As said before, for symetric ciphers (DES/AES) you don't. You need a
separate mechanism. One way to do that is to put in a hash, message
authentication code or simply a known piece of plaintext.
Note that DES and AES are block ciphers. They encrypt any piece of
plaintext into a cipher text *of the same length*. This means that every
piece of ciphertext decodes to a piece of plaintext, otherwise there
would be pieces of plaintext you cannot encode, or pieces of ciphertext
you cannot decode to the original plaintext.
It's a common mistake to just encrypt something in the case an attacker
can change the message (man-in-the-middle). You may have confidentiality
(this is also dependent on other factors of course) but you cannot be
sure that the attacker did not change the ciphertext.
Even if these changes are picked up by the underlying system (e.g., the
computer that tries to read an invalid message), you'll probably end up
with an error that does not relate to the cryptographic problem. For
instance, the encrypted HTML page does not contain valid HTML.
Maarten
|
