Finding block mode and key length from encrypted data

Aviril Smith

3/23/24, 2:21 AM

I have an AES encrypted data and the key, but I am not able to tell the block cipher mode [ECB|CBC|CTR] used in encryption or know the key length.

Below is the encrypted data output in java.

{"encrypt_data":"GorwlI4cdifSjaKM0Uu4v24DewQqsaN3VTkZMmtDZkttVdoUEV23mBYlYhbcB/oN","encrypt_aes_key":"VRkSYqtGUBr4Zzt7ET8kMw2dvrQkOBH2cGWYwKhNRUU5fCVP+UhZSDKDpQSwx5aHQNIGApRq9INRzLTlB9uJjUXgbl0yEL0Ztyk5OpBU4pIk1imRF2djXD0R0p9sal4QSEXAvL2AvTEDSp4Rw5z23xRX26WGiFUxm8yMQPlwMFUARwakqRc3MSR3mLgqh/nJrCphHveLgHkmnoiJVVDbg8lL5XD1wO2cF4MQVjL+tOjtSPhmgz8BW54RVCwIMhVYVMNoOHWOY/CVkqjng7ds7vbyUq13kOzWOIlHJjkGV2MwfaOF45Da3PgRVlTZ9qDplLjyfq/nIhWXFLFhfY+ALA=="}

Need help identifying the mode and key length used in the encryption.

1 + 1

aes

fgrieu

3/23/24, 1:07 PM

Not telling the context (software used, standard..) does not help.

Score:1

Crypto

Maarten Bodewes

3/23/24, 10:43 AM

No, we cannot. The reason is that the AES key is encrypted (or "wrapped"), probably using RSA as it is now 2048 bits in size rather than 128, 192 or 256 bits - the key size of AES. So basically you - or at least we - don't have the key.

It could be another mode, but CBC is really the only padded mode that is CPA secure and used regularly. So it is probably CBC because the output is a multiple of 16 bytes. CTR doesn't pad, so for a random message size there is only a 1/16 chance of it being a multiple of 16 bytes. ECB is insecure, so it is unlikely to be used for generic encryption.

+ 2

Daniel S

3/23/24, 11:17 AM

Perhaps worth adding that if we know the size of the input we can probably distinguish the modes: input of 33-48 bytes would have to be ECB, input of 16-31 bytes would be CBC , input of 32 bytes would be CTR.

Maarten Bodewes

3/23/24, 11:24 AM

Not 100% sure if CBC is used with a prefixed IV, but otherwise, yes, that would give a good hint. There is PCBC, CFB, OFB or even authenticated modes that could also fit though. The question is about ECB/CBC or CTR, but I'm not sure that Aviril knows that there are other modes as well.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Finding block mode and key length from encrypted data

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.