Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connectionsPath: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail From: colin Newsgroups: sci.crypt Subject: Re: What are the chances of this encrytion being broken? Date: Fri, 28 Mar 2025 18:32:51 +1300 Organization: A noiseless patient Spider Lines: 42 Message-ID: References: <4c1bfc3d01c8a48ad81d1fbf4587e5431cd9389b@i2pn2.org> <20250325tu215422@o15.ybtra.de> <20250326we192526@o15.ybtra.de> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Fri, 28 Mar 2025 06:32:53 +0100 (CET) Injection-Info: dont-email.me; posting-host="28054c3d15fa0440cf1bd965662a2eab"; logging-data="2165070"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18pGMfjCieepKUutS3YbAXtnlXM0m4RC5g=" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:GzEMo5OdjBwfwr0OC1Z55NPZrN0= In-Reply-To: Content-Language: en-US Bytes: 2763 On 28/03/25 04:56, Marcel Logen wrote: > colin in sci.crypt: > > [...] > >> Looks like it's up to the implementation of how it implements padding >> and how many bytes it requires to do it. >> >> $ openssl enc -aes-256-cbc -in 511bytes.txt -pass pass:1234 -pbkdf2 | wc -c >> 528 >> $ cat 511bytes.txt | aespipe -e aes256 -P password.txt | wc -c >> 512 >> >> The way I understand it is AES is only a basic building block that takes >> a 128bit block and scrambles it to a different 128bit block. >> All the other building blocks ( eg: salt, IV, padding, mode of operation >> etc ) are added in to suit what the implementation requires. > > | user15@o15:/tmp$ stat -c '%s' 511bytes.txt > | 511 > > | user15@o15:/tmp$ openssl enc -aes-256-cbc -in 511bytes.txt -pass pass:1234 -pbkdf2 | wc -c > | 528 > > | user15@o15:/tmp$ openssl enc -aes-256-cbc -in 511bytes.txt -pass pass:1234 -pbkdf2 -nosalt | wc -c > | 512 > > -nosalt => 512 > I think I have got my head around it now. Openssl adds salt by default. At least 1 byte of padding is always added ( up to 16 ) Hence with -nosalt 511 -> 512 512 -> 528 ( one block full of just padding ) 513 -> 528 527 -> 528 528 -> 544