No. There are two parts of an encryption/decryption method: the block cipher used (e.g. AES, DES), and the mode of operation, which specifically refers to how a block cipher is composed across different blocks (it has no meaning if you only have 1 block). When you say the encryption algorithm is `AES-CBC` it means `AES` cipher operating in `CBC` mode. `CBC` alone doesn't specify how to encrypt each block.

So there is the first, biggest problem with the kata: it inflates the notion of CBC into the entire encryption process (cipher, mode of operation, input/output processing). It claims it teaches CBC, but in reality we have to process the input into blocks of bits (padding is ignored), encrypt the blocks, chain the blocks with CBC, then process the blocks again. This is like 70% other unrelated things outside CBC. This is already a sign you should revisit the concepts again before creating the kata about educating others about this specific concept.
Also, I don't see why you're proposing to prematurely delete the kata, since there's nothing about the kata that you've addressed with your responses. What's happening with `decrypt` being called in the same instance `encrypt` is called? Why are the random tests reusing the same instance, calling `encrypt` many times, and expecting both the key and IV to stay the same each call? These are definitely anti-conventional designs (no established crypto library does this, because misuse of crypto is worse than no crypto), and if you insist on maintaining this design that goes against all common best practices, you better have a convincing reason, which you haven't provided any.

If the kata is to be improved, at least you need to address these two things:
My understanding is that all applications of CBC within cybersecurity are stateful - however, this doesn't mean that CBC is, by definition, stateful. Isn't CBC just a method of encryption/decryption? If you could lead me to a source that CBC by nature (rather than the applications of) is stateful I will delete this kata. I still maintain that it's useful to know how CBC works. No need to be harsh by calling it a scam! Lmk if you think of a way to do random testing with it.
So this is not actually CBC, and whatever is being introduced in the kata does not resemble actual CBC, or capture the core idea of it (there is an internal state that updates as input is processed).
Please don't pretend misinformation to be "beginner-friendly material", this would be a scam: whoever is trying to learn from the kata will be misled (to outright harmed) by the wrong information perpetuated by the kata. Note that good introduction materials will make sure the core ideas are intact.
I see, thanks for that information, I appreciate it. I just entered tech/security center so this is all good stuff to know. I'll fix this eventually, but I don't see how this is relevant as a design flaw - it's a simplification of how CBC works, and it's more of an introduction to the concept of CBC encryption. Thoughts?
Right, that's true. Do you have any suggestions for how I implement random tests?
Critical kata design/testing flaw: since CBC is stateful, the same instance should not be used again for decryption after performing an encryption operation. Even `pycryptodome` is designed this way: if you try to call `decrypt` after `encrypt` it throws an error `decrypt() cannot be called after encrypt()`. A new instance is required to decrypt the message.

It's also invalid to `encrypt`/`decrypt` multiple times, because the internal state will be changed after an operation. You're only allowed to `encrypt`/`decrypt` multiple times on continuous segments of data because `encrypt(a) + encrypt(b) = encrypt(a+b)` for CBC, and CBC is not an AEAD mode.

In general, stream ciphers are almost always stateful and each encryption/decryption should be done fresh. So the kata should probably have two functions `encrypt_cbc(plaintext, key, iv)` and `decrypt_cbc(ciphertext, key, iv)` instead. Or at least, the kata should specify (and revise) how the testing shall be done.
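The chaining state discussed in the comment above, as an added example that is not part of any comment or of the kata itself. It assumes a constructed 4-round Feistel permutation (`toy_block`, not AES and not secure) as the block cipher and whole-block input; `CbcEncryptor` and `toy_block` are hypothetical names, while `encrypt_cbc`/`decrypt_cbc` follow the signatures suggested in the comment.

```python
import hashlib

BLOCK = 16  # bytes per block

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block(key, block, decrypt=False):
    # Constructed 4-round Feistel permutation standing in for AES (NOT secure).
    l, r = (block[8:], block[:8]) if decrypt else (block[:8], block[8:])
    for rnd in (range(3, -1, -1) if decrypt else range(4)):
        l, r = r, _xor(l, hashlib.sha256(key + bytes([rnd]) + r).digest()[:8])
    return r + l if decrypt else l + r

class CbcEncryptor:
    """Stateful CBC: self.prev is the chaining value carried between calls."""
    def __init__(self, key, iv):
        self.key, self.prev = key, iv

    def encrypt(self, data):
        if len(data) % BLOCK:
            raise ValueError("whole blocks only; padding is out of scope here")
        out = b""
        for i in range(0, len(data), BLOCK):
            self.prev = toy_block(self.key, _xor(data[i:i + BLOCK], self.prev))
            out += self.prev
        return out

def encrypt_cbc(plaintext, key, iv):
    return CbcEncryptor(key, iv).encrypt(plaintext)  # fresh state per message

def decrypt_cbc(ciphertext, key, iv):
    out, prev = b"", iv
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out += _xor(toy_block(key, block, decrypt=True), prev)
        prev = block
    return out

def demo():
    key, iv = b"constructed-key!", bytes(range(BLOCK))  # constructed sample values
    a, b = b"A" * 16, b"B" * 32
    enc = CbcEncryptor(key, iv)
    streamed = enc.encrypt(a) + enc.encrypt(b)  # continuous segments of one message
    reused = enc.encrypt(a)                     # same instance, state has moved on
    return streamed, encrypt_cbc(a + b, key, iv), reused, encrypt_cbc(a, key, iv)
```

In `demo()`, `streamed` equals the one-shot encryption of `a + b`, while `reused` differs from a fresh `encrypt_cbc(a, key, iv)` because the instance no longer chains from the IV.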
(hopefully) made it much clearer now. Also, I did implement a series of random tests so that people cannot cheat anymore. Thank you for your input!
Fixed all of those things. Thank you for your input!
Not enough information in the description to solve it (no idea how to use the IV for example) and I didn't feel like reading the whole Wikipedia page.
So here's something you might want to fix.
This sentence is ambiguous: it can either mean base64 encoding (which is 3 bytes -> 4 base64 alphabets), or base64 alphabet.
Also, the example section is jumbled up as a single line. If you want formatted text block you should put it in a code block (with 3 backticks).
Added random tests/fixed suggestions, thank you for your help!
Thank you! Will work on it now.
Actual testcases: Need random tests (Otherwise people can just hardcode all the answers without actually solving the task). Reference material listed below:-
Sample / actual testcases: Missing testcase/solution import:
Happy authoring ^^