Preliminary knowledge: short block processing
In the process of block cipher encryption, there will inevitably be a situation where the message length is not an integer multiple of the block length. Therefore, the last set of ciphertexts needs to be processed to make it reach the block length. This process is short block processing.
Short block processing is divided into two ways:
- filling
- Ciphertext embezzlement
filling
There are many filling methods, and the most basic method is to fill the last group according to certain rules. The filling methods are: pkcs#5/pkcs#7, ANSI X923, ISO 10126, etc.
It should be noted that even if the length of the last group reaches the packet length, that is, the message length is an integer multiple of the packet length, padding is required. This is to ensure that the encryption and decryption process can maintain the protocol rules and avoid adding new marks to indicate whether padding is performed.
Ciphertext embezzlement
As the name implies, the penultimate group of encrypted ciphertext is misappropriated to the last group of plaintext to complete the filling process.
Ciphertext embezzlement in ECB mode
Ciphertext Embezzlement in CBC Mode
Or there is another way as follows:
