Why it is impossible to decipher the text?

>>> bs = AES.block_size
>>> pad = lambda s: s + (bs - len(s) % bs) * chr(bs - len(s) % bs)
>>> key = "password1234".encode() # to bytes
>>> aes_1 = AES.new(md5(key).digest(), AES.MODE_CFB, bytes([random.randint(0,0 xFF) for i in range(16)]))
>>> aes_2 = AES.new(md5(key).digest(), AES.MODE_CFB, bytes([random.randint(0,0 xFF) for i in range(16)]))
>>> d_text = pad("texttexttexttext blablablah")
>>> e_text = aes_1.encrypt(d_text)
>>> aes_1.decrypt(e_text)
b'\n\xce\x85\xeb\x8aK-\xd6\xbe\x9e\xafj;\xf9\x1e. blablablah\x05\x05\x05\x05\x05'
>>> aes_2.decrypt(e_text)
b texttexttexttext blablablah\x05\x05\x05\x05\x05'


Question: why aes_1 that the text was encrypted, couldn't the text be transcribed, and aes_2 could? All but the initial vector is the same, ie that would decipher the text IV you need to randomize? Why, then, nowhere it is written? Or so difficult to read/googled?

UPD: Pogorel more, read about the modes in detail, I understood why can't rasshifrovat, tried again - now aes_1 and aes_2 produces garbage instead of text. CANT?
September 26th 19 at 06:39
1 answer
September 26th 19 at 06:41
IV is an open (i.e., transmitted to the receiving side unprotected) encryption option. You can leave it null or initialized to any constant (same for sender and receiver) value or to randomize (but then it is necessary to inform the recipient in the clear). A randomized variant protects against the fact that someone will understand what You are sending the same message, seeing the same encrypted text.

IV changed during the encrypt on a decryption side of it must be set to the initial value.

In Your case I think (I don't know Python), after encoding in the internal variables of the object aes_1 IV changed and therefore he cannot decrypt this encrypted value of the block. Save the initial IV Before encrypting it in some temporary variable and feed it again in the initial form to the input of the decryptor.
citforum.ru/internet/infsecure/its2000_29.shtml - moises17 commented on September 26th 19 at 06:44
>>> iv = bytes([random.randint(0,0 xFF) for i in range(16)])
>>> iv
b J\x98\x9a\xa7\x92\part no xb8\x0f\xde\x89\x9cZt\xb6\x991\xe5'
>>> aes_1.IV = iv
>>> aes_2.IV = iv
>>> e_text = aes_1.encrypt(d_text)
>>> aes_1.decrypt(e_text)
b'(\x03\xaaB\xb5r?ot%B.\xa0\xf4u% blablablah\x05\x05\x05\x05\x05'
>>> aes_1.IV = iv
>>> aes_1.decrypt(e_text)
b'(\x03\xaaB\xb5r?ot%B.\xa0\xf4u% blablablah\x05\x05\x05\x05\x05'
>>> aes_2.IV == aes_1.IV
True
>>> aes_2.decrypt(e_text)
b texttexttexttext blablablah\x05\x05\x05\x05\x05'
>>> aes_2.decrypt(e_text)
b'(\x03\xaaB\xb5r?ot%B.\xa0\xf4u% blablablah\x05\x05\x05\x05\x05'
>>> aes_2.IV == aes_1.IV
True
>>> aes_1.decrypt(e_text)
b'(\x03\xaaB\xb5r?ot%B.\xa0\xf4u% blablablah\x05\x05\x05\x05\x05'
>>>

Now I understand nothing. Maybe this is a bug of what? - Gunnar.Batz commented on September 26th 19 at 06:47
The feeling that use the object for encryption/decryption of the "spoils" some of its internal variable, incorrect treatment, or even the documentation is not intended to be so. Try to create the object before each operation again. - moises17 commented on September 26th 19 at 06:50
well, I stayed, because every object and to encrypt and to decrypt the obtained disposable. Maybe it's not a bug, but a feature, but it is very strange. - Gunnar.Batz commented on September 26th 19 at 06:53

Find more questions by tags AESPythonCryptography