user966682
Reputation: 111
How to decrypt pbkdf2 encrypted text without knowing the IV
I am trying to decrypt an encrypted text. I have the salt value, iteration count and key length. But i don't have the initialization vector (IV) value, how can i go about and decrypt this. I also have secret key.
For time being I am using some random IV value whose size is 16 bytes. But still i am not able to decrypt the value properly. Can anyone please help as i am stuck with this for a long time?
Below are the values which were given to me.
salt= EW0h0yUcDX72WU9UiKiCwDpXsJg=, Iteration=128,Keylenght=16.
MasterKeyName="Passphrase1", MACMethod algo = hmac-sha1, MACKey="jq/NdikC7AZf0Z+HEL5NrCICV8XW+ttzl/8687hVGHceoyJAaFws+111plQH 6Mlg" encrypted kae = "pM7VB/KomPjq2cKaxPr5cKT1tUZN5tGMI+u1XKJTG1la+ThraPpLKlL2plKk6vQE" and valuemac="lbu+9OcLArnj6mS7KYOKDa4zRU0=".
Secret key = "xxxxxxxxxxx".
Below is the code which I am using to decrypt.
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec spec = new PBEKeySpec(secretkey.toCharArray(), salt, iterationCount, keyStrength);
SecretKey tmp = factory.generateSecret(spec);
key = new SecretKeySpec(tmp.getEncoded(), "AES");
dcipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
AlgorithmParameters params = dcipher.getParameters();
iv = "0000000000000000".getBytes();
System.out.println("IV " + new sun.misc.BASE64Encoder().encodeBuffer(iv));
dcipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
byte[] decryptedData = new sun.misc.BASE64Decoder().decodeBuffer(base64EncryptedData);
byte[] utf8 = dcipher.doFinal(decryptedData);
Upvotes: 1
Views: 5262
Answers (1)
Maarten Bodewes
Reputation: 93948
You cannot decrypt the first block of CBC encrypted ciphertext if you don't know the IV.
It is however not unlikely that you can retrieve the IV value:
- often the IV value is 16 bytes retrieved after the key bytes) generated from the PBKDF;
- the IV is often prepended to the ciphertext, resulting in one block of garbage before the full plaintext during decryption;
- not secure but the IV is also left out or set to a constant value, with an all-zero IV being the most common (this is identical in CBC mode to not using any IV.)
Upvotes: 1
Related Questions
- Encryption/decryption fails
- How to decrypt the hashed password of pbkdf
- Is it possible to recover a PBKDF2 hashed password?
- Decryption of AES 256 CBC With iv & PKCS7Padding Encrypted String (Encrypted using Java)
- Decrypt and encrypt using PBKDF2 java
- Decrypt encrypted text in java
- Java (Android) Decrypting msg with IV attached
- Retrieving salt, key, IV in java from encrypted bytes
- How to get IV for decryption in Java?
- How to decrypt AES/CBC with known IV