1

I've been trying to use AES from OpenSSL and got to know that I need to use the EVP-based implementations rather than the AES_*.

I need to use AES-128 implementation to generate bitstreams, essentially passing various keys, and plaintexts to analyze the ciphertext generated for cryptanalysis of the algorithm. I went through the Question, How do I decide what mode to use? which linked to the NIST documentation and an answer. I unfortunately am unable to decide on what implementation would be good for me to use.

I will be using plaintexts of the order of 2^14- 2^16 bits. I wish to know what would be the best implementation to use.

(TLDR: Need to use AES-128 implementations for cryptanalysis for academia, not sure which implementation from EVP_AES to use, will be using large plain texts)

Rohit Gupta
  • 451
  • 2
  • 4
  • 10
Luce
  • 11
  • 1
  • well what are you trying to analyze? – user253751 Mar 03 '23 at 19:05
  • @user253751 the pattern of the ensuing bitstream, its linear complexity, and doing further analysis – Luce Mar 03 '23 at 21:20
  • 1
    Ensuing bit stream using what? AES is a block cipher. There are things like Monte Carlo tests but I wonder how useful those would be. Linear complexity is a property of the mathematical definition of a block cipher, you don't need any implementation for that. That leaves "further analysis". I would propose you do that after gaining some more understanding about how block ciphers operate. – Maarten Bodewes Mar 03 '23 at 21:33
  • By the way, no idea why you have a specific set of plaintext, but I wonder why you would not just write 2 KiB to 8 KiB. – Maarten Bodewes Mar 03 '23 at 21:36
  • Since I am working with 128-bit keys, I want to use plaintext of the order of 4n^2 ideally, which amounts to 2^16 bits. As for "further analysis" I wish to compute the Maximal Order Complexity, the end goal is to check how vulnerability in the keys and the plaintext used affect the weakness of the ciphertext. I shall read through the posts about the Monte Carlo tests linked. – Luce Mar 03 '23 at 21:43
  • AES is considered secure. You won't get any results. If you want to start anywhere, you probably want to use a reduced round version. For that you need the source code, not any high level function. – Maarten Bodewes Mar 04 '23 at 02:23
  • Thank you, I will look into it, – Luce Mar 05 '23 at 13:54
  • @Luce AES is a block cipher. To encrypt a bitstream with a block cipher, you use a mode. If you are talking about streams this implies you have already chosen some specific mode. AES encrypts blocks; AES-CBC (for example) encrypts streams. (And then you also need a padding scheme in order to round up the stream length so it's a multiple of the block size.) – user253751 Mar 06 '23 at 11:47

0 Answers0