I am mainly looking to perform this trick for fun. I have access to an API that uses WebCrypto under the hood for encrypt and decrypt methods. I would like to hijack the decrypt method in order to create a deterministic seed.
I have read other articles, and it seems like this trick should be relatively straightforward, as AES-CBC does not have any integrity checks (that I know of). My understanding is that if the block-padding is correct, then a standard cipher-text payload should successfully decrypt using any secret key, even if that payload decrypts into random nonsense.
In practice, this doesn't appear to work, and I am not sure why. I can brute-force my way through by starting with a payload and iv of all zeroes, and incrementing by one until I produce a valid cipher-text that can be decrypted by a given key, but that cipher-text will fail when decrypted by another key.
I would like to figure out, if possible, how to craft a cipher-text that has no known solution, but can be decrypted by any given key in order to produce a deterministic random seed.
Any help or expertise would be greatly appreciated, as I would like to show this off for an upcoming hackathon event. Thank you!