IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [aes]

The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael.

The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael.

864 questions
27
votes
2 answers

Encrypting using AES 256, do I need IV?

I'm looking into encrypting with AES using a 256bit key, and I notice that a number of methods in various languages, for instance http://php.net/manual/en/function.openssl-encrypt.php, and I notice that the IV parameter is optional. Does this mean…
DanH
  • 405
  • 1
  • 5
  • 8
10
votes
2 answers

What are the variables of AES?

AES is a standard encryption routine that can be used consistently across multiple languages, assuming all the variables match up. My question is, what are the variables. I am aware of the following Variant (is this AES-256, or just plain…
700 Software
  • 13,997
  • 3
  • 55
  • 82
9
votes
2 answers

Decryption on AES when the same key and IV are used

Let's say that I have three messages being encrypted by AES-128 with the same key and IV every time. Is it possible to decrypt the key being used? And more importantly, is it possible to decrypt the plaint text of those messages?
geraldgreen
  • 191
  • 1
  • 1
  • 3
7
votes
2 answers

How to handle improper key sizes (AES encryption)

I couldn't find the right answer in specs how to handle improper key sizes which are greater than AES_KEY_SIZE. (I found that keys which size are to short will be right filled with 0x00 values). So for example, if a 144-bit key (instead of 128-bit…
Georg Richter
7
votes
1 answer

Has there been a breach of AES?

Are there any known logical flaws of AES Cryptography? I understand that you can always break the encryption by brute-force or by having backdoors, but I have not come across any sources that show a flaw or potential breach/cracks in AES. Are there…
BitwiseStarter
  • 143
  • 5
6
votes
1 answer

Weakness of AES OFB mode

I found these comments regarding AES OFB Mode: "This mode is a slightly less common mode, quite similar to CFB above, but which should not be used as a stream cipher due to inherent weaknesses when the data width doesn't match the blocksize of the…
user20409
  • 61
  • 1
  • 2
5
votes
3 answers

How to best use JavaScript to encrypt client side so the server never sees it?

I don't want the server to ever see the raw input and would rather have the client do the encryption and then pass the data (over https) to the server for storage. If I use a JS library to AES encrypt it what other things do I have to look out for?
Ryan Detzel
  • 161
  • 1
  • 1
  • 3
4
votes
1 answer

Confused about symmetric 128,256 key and the secret provided

I have searched and searched but cannot locate an answer to my question so I am hoping the experts here can. When I read about symmetric encryption like AES I see mention of the key and key size such as 256 bit keys. When I code in PHP and use AES I…
user35032
  • 73
  • 3
4
votes
2 answers

question on hashing an aes-encrypted file

I am storing multiple sensitive data on a server that I do not own. The data is encrypted using aes-256 using cbc mode. The keys are only with me, and are stored securely. I am worried about the data getting corrupted on the server via transfer…
marcoo
  • 894
  • 1
  • 10
  • 19
4
votes
1 answer

how does AES encryption's algorithm actually work?

can anyone actually explain in simple and plain terms, how does AES encryption algorithm works? i can guess that the only significant distinction between AES-128 and AES-256 is their key size and NOT their algorithm,
torhub1
  • 115
  • 1
  • 2
  • 3
3
votes
1 answer

AES-256 Decrypt a VHD File

I recently messed up with my McAfee Encrypted Laptop (2 Drives) and got MBR overwritten by Linux (Ubuntu). I used DETech CD on C: but after 2% it failed due to Bad Sector. Using a safety precaution i have cloned the drives using Clonezilla and the…
Mitesh Manani
  • 33
  • 3
2
votes
2 answers

Can EAP-TLS and AES256 encryption be used together?

What is the difference between EAP-TLS and AES 256 encryption? Can they be used together? Or are they separate protocols?
KimberleyK
  • 459
  • 1
  • 6
  • 12
2
votes
0 answers

Is it safe to store the AES passphrase encrypted with the resulting AES key?

I found out that an encryption tool encrypts and stores the passphrase entered by the user and used to generate the AES key in addition of the encrypted payload. Pseudocode: key = md5(passphrase) iv = 0 cipher = Cipher(key, "AES/CBC/PKCS7",…
siebert
  • 21
  • 2
2
votes
1 answer

256 Bit Key into AES 128 same output as 256 Bit Key into AES 256

I have two different crypto libraries I created, one is in java and uses the standard built-in java crypto libraries. The other uses openssl and has been wrapped in java through the JNI. I'm currently replacing the default java library code with the…
JBires
  • 123
  • 1
  • 3
2
votes
2 answers

What's wrong with using AES directly/"raw"?

When developing applications that require crypto routines, I know to use libraries like keyczar and libsodium rather than "raw" crypto routines myself. However, for the specific case of using AES-CBC symmetric encryption of a block of text, I'm…
xyz
  • 123
  • 2
1
2 3