Closed ryanohoro closed 8 years ago
Hey there,
First of all, thanks a lot for your pull request(s). I checked the AES implementation and that works perfectly, kudos!
However, only the payload is encrypted and the rest of the data can be retrieved easily by base64 decoding the packet. What would you think, instead, about encrypting the entire data and transmitting it? Keen to discuss about this.
Cheers!
Well, my first thought was to do a second encryption operation for the header, but for the register packet, which is pretty long already, the filename field is arbitrary which makes separating the two sections difficult. Ultimately the objective was to preserve the capability of packet length randomization, but if you don't mind all packets being a multiple of 16 bytes, I could move the encryption to the send/receive functions. Otherwise some design changes are in order for the headers.
I see, that makes sense now :+1:
Created AES encryption/decryption functions and removed XOR in both the python and powershell versions. Encryption was moved from the plugins back to det.py so the raw files are encrypted first. This prevents payloads from having to be a multiple of a block length, conflicts with very small payload sizes and reducing the impact of payload size randomization.