Search This Blog

Monday, December 14, 2009

MARS on iPhone

Peace be upon you

How are you guys? today I am going to show you something I have done as a data security assignment, the assignment was a presentation and application, me and other 3 guys were suppose to write something about MARS and Application, I helped in the Presentation and took the application :D, do you understand anything?

Well, let us begin the whole thing is about encryption algorithm called MARS, developer by IBM, you can find more about it

And here is the presentation

So, the idea is to make application for the ready made code of IBM, so the plane was todo simple application that do simple encryption and decryption, here is snapshots for the application, you can find the code here (Cocoa Touch Objective C project)

Lets see the application.

The application starts with the operation, you have to select wither you want to encrypt or decrypt
Enter the operation Key, in this case the "Encryption key"
Enter the data that you want to encrypt.
Here is the result, and as we use OFB + Random IV, when you reencrypt by just clicking back and next, you will get anther result
HEre is anther result for the encryption due to the IV + OFB
3rd result , Thanks to the OFB and IV
Save the file

Lets do decryption for what we have encrypted
Select Decryption
Then enter the key
Select the file name, you can enter free text in this page.
Now you have got your data

I have added little part for some fun it is the Mode of Operation , you can read more about it here

The mode that I have used was "OFB, output feed back"

I hope that you enjoy the application and the presentation :)
Thanks for your time.

Ahmed Essam


Hossameldin said...

Nice work :)

I noticed that you are appending the random IV to the cipher data.

In my opinion, this is not practical because the IV is considered as a part of the encryption/decryption key itself.

If I were you, I would have made a lookup table of -say- 128 predefined IVs and just append the index of the randomly selected IV instead of the IV data itself.

Of course the lookup table MUST be shared between the encrypting and decrypting partied ... and may be encrypted with another key as well:)

Ahmed Essam said...

Peace be upon you

First of all, I am honored by your comment :)

The target of the application was to prove to the professor that I can write code :D, because he want some kind of application.

As the objective was to demo the library and show that we understand some parts of it nothing more is required.

There is more neat way to hide the IV that is nicely done and can be used but it was not in the scope of this application

Thanks for your comment :)

Ahmed Essam