Re: AES encryption doubts about array sizes

On Tue, 2 Dec 2008 08:18:15 -0800 (PST), jimgardener
<jimgardener@xxxxxxxxx> wrote:

hi,
i was learning to do AES encryption using inlineIVs .I used an input
byte[] of 16X3 bytes, secretkey from a byte[] of 24 bytes and an iv
byte[] of 16 bytes.

<code snippet>


byte[] ivBytes=new byte[]{
0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00,0x08, 0x09, 0x0a, 0x0b,
0x0c, 0x0d, 0x0e, 0x0f };
Your IV is exactly 16 bytes, which equals the blocksize of AES.

cipher.init(Cipher.ENCRYPT_MODE,key,ivSpec);
byte[] cipherText=new byte[cipher.getOutputSize(ivBytes.length
+input.length)];
int ctLength=cipher.update(ivBytes,0,ivBytes.length,cipherText,0);
Here you encrypt the IV, a strange thing to do. This is not the way
an IV should be used, you gave it to the cipher in the init() method
as the ivSpec parameter, you don't need to use it again and you don't
need to remove it when decrypting. That is done for you
automatically.

You have put exactly one block into AES. It looks as if the AES
engine is being lazy here and only outputs a block when it has the
first byte of the next block. Try giving it a 17 byte array here and
see what happens.


<code snippet/>
when i ran this code ,i get these values for the number of bytes
stored in the input after each update() call

encryption::ctLength=0
encryption::ctLength=48
encryption::ctLength=80

Why is the number of bytes stored in the output 0 after the first
update call?shouldn't it be equal to the size of iv?
Looks like a lazy implementation that only outputs a block after the
first byte of the next block is received or doFinal() is called.

The 80 byte total indicates a final padding block since your input was
an exact number of blocks; there has to be at least 1 byte of padding
in PKCS7.


also,I tried the decryption ,

<code snippet>

<code snippet/>

here i get ,
decryption:: bufLength=64
decryption:: bufLength=64

shouldn't these be 48 instead?
Why? If you encrypt a 16 byte IV followed by 48 bytes of plaintext
then you should expect to get 16 + 48 = 64 bytes decyphered. If you
hadn't encrypted the IV then you would get the expected 48 bytes.

rossum

If someone can explain how these numbers occur..it wd help me a lot.I
am a beginner in this topic.
thanks
jim

.

Relevant Pages

  • Re: file encryption questions
    ... Any account that is properly logged into and that has the ... any account with the DRA decryption ... > When i select a file and click advanced to encrypt, ... > Also, what level of encryption is performed on the file (similar AES, ...
    (microsoft.public.windowsxp.security_admin)
  • Re: AES with constant key
    ...  But if the message file you encrypt say with straight AES ECB mode ... And thats if AES is perfect which is not likely. ... to trick people into using weak crypto so that the big 3 letter ... My Compression codehttp://bijective.dogma.net/ ...
    (sci.crypt)
  • RE: AES Symmetric Key Secure Storage
    ... private key - both stored in a CAPI container. ... Now if you use PER USER AES key than the best is to protect the key (ie. ... encrypt it) with a key pair stored in the user's container. ...
    (microsoft.public.platformsdk.security)
  • Re: Need secure block cipher for 96 bits of block size
    ... AES need 128 bits data blocks. ... If you need to send exactly 96 bits of ciphertext for 96 bits of plaintext ... Encrypt the first 64 bits of plaintext to give a first 64-bit block. ... To decrypt you first decrypt the second block, and append the last 32 bits ...
    (sci.crypt)
  • Re: Create hash with AES?
    ... "Pieter Philippaerts" wrote in message ... the AES is the most sensible choice. ... Before storing the key on a disk, encrypt it ... > would be wise to use a public/private key pair on a smart card. ...
    (microsoft.public.dotnet.security)