Score:2

Exploit 3DES-CBC with known checksum of plaintext and repeated IV

I came across the following enterprise encryption scheme. I laughed when I first saw it, but I'm not a specialist and I'd like to know how bad it really is.

  • 3DES-CBC
  • k1=k2=k3 for 3DES
  • IV for CBC is repeated every 256 messages. Every communication party has a different set of 256 IVs but they are all predictable and similar in many places. IV has a fixed part unique for each communication party and an 8-bit counter.
  • 16-bit checksum of plaintext is known (sum of all bytes modulo 2^16)
  • plaintext of some messages or part of it is known but it is not obvious, which message contains it

I wonder if this information can be used to further weaken an already weak algorithm and if it opens doors for feasible brute-force attacks or any other more clever methods.

fgrieu
"k1=k2=k3" for 3DES means it's equivalent to simple-DES. Thus [by design](https://crypto.stackexchange.com/a/34228/555) the key can be found at low cost with FPGAs, and has been so for decades ([ref1](https://en.wikipedia.org/wiki/EFF_DES_cracker), [ref2](https://www.cl.cam.ac.uk/~rnc1/descrack/DEScracker.html#SecFPGA), [ref3](https://www.copacobana.org), [ref4](https://crack.sh/)). How the IV and checksum can be exploited is heavily context-dependent. I'm not making this an answer because we lack details for these other attacks.
Maarten Bodewes
Given the description, the IV & checksum can at least be used to (mostly) validate a guessed single DES key. Given that this is DES, I don't think you'd need much more.
j123b567
Thank you, guys. So, brute force is doable but probably still impractical in my case. It is definitely vulnerable to replay attacks. I was hoping for something similar to the Padding Oracle attack and an attack similar to BEAST. Are there any details I should provide?
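The IV reuse described in the question has a consequence that needs no key search: under CBC, two messages encrypted with the same key and the same IV produce identical ciphertext blocks for as long as their plaintexts agree. The audit below is an added example, not code from this thread; the toy Feistel cipher only stands in for the 64-bit block cipher, and the 7-byte-prefix-plus-counter IV layout, the names and the sample messages are constructed assumptions.

```python
import hashlib
from itertools import combinations

BLOCK = 8  # 64-bit block, the same size as DES/3DES

def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """4-round Feistel stand-in (NOT DES); only the CBC chaining matters here."""
    left, right = block[:4], block[4:]
    for i in range(4):
        left, right = right, bytes(a ^ b for a, b in zip(left, _round(key, i, right)))
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    pad = BLOCK - len(plaintext) % BLOCK
    plaintext += bytes([pad]) * pad
    prev, out = iv, b""
    for off in range(0, len(plaintext), BLOCK):
        x = bytes(a ^ b for a, b in zip(plaintext[off:off + BLOCK], prev))
        prev = toy_encrypt_block(key, x)
        out += prev
    return out

def iv_for(party_prefix: bytes, msg_index: int) -> bytes:
    """Assumed layout: 7 fixed bytes per party followed by the 8-bit counter."""
    return party_prefix + bytes([msg_index % 256])

def shared_leading_blocks(c1: bytes, c2: bytes) -> int:
    n = 0
    for off in range(0, min(len(c1), len(c2)), BLOCK):
        if c1[off:off + BLOCK] != c2[off:off + BLOCK]:
            break
        n += 1
    return n

def audit(captured):
    """captured: list of (iv, ciphertext); returns (i, j, equal_blocks) per reused IV."""
    pairs = combinations(enumerate(captured), 2)
    return [(i, j, shared_leading_blocks(c1, c2))
            for (i, (iv1, c1)), (j, (iv2, c2)) in pairs if iv1 == iv2]

# Constructed sample traffic: messages 0 and 256 get the same IV and share a 16-byte header.
KEY, PARTY = b"demo-key", b"PARTY-A"
MSGS = {0: b"HDR:v1;type=pay;amount=100", 1: b"HDR:v1;type=pay;amount=100",
        256: b"HDR:v1;type=pay;amount=999"}
CAPTURED = [(iv_for(PARTY, n), cbc_encrypt(KEY, iv_for(PARTY, n), m)) for n, m in MSGS.items()]
```

`audit(CAPTURED)` reports the pair (0, 2) with two equal leading blocks, so an observer learns that messages 0 and 256 share their first 16 plaintext bytes, while messages 0 and 1, identical in plaintext but sent under different counters, show no equal blocks.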