
Small AES tip


  • Small AES tip

    Hi guys,

    Remember this:

    When you use AES with CBC for just a string there are no problems, but when you use it to encode files make sure that after each string you save the last block and use that as the IV for the next block, and so on, otherwise the chain is broken.
    To see if you did it OK, just make a 500.000 NUL$ file and encode that in blocks of 1024 (normally you use a bigger size; this way you detect the patterns more easily). There should be no repeating patterns!

    Another small one: there is nothing that keeps you from using the 16-byte IV as an extra 16-byte password.

    So that gives you a 48-byte pw range (2^384) compared to (2^256).

    Did I say something stupid? Let me know.
    To Ask or Not To Ask ?
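    The check described in the post, as an added example in Go that is not from the post or its author: it uses the standard library's crypto/aes and crypto/cipher to encrypt a 500.000-byte all-NUL buffer in 1024-byte chunks, once carrying each chunk's last ciphertext block forward as the next chunk's IV and once restarting every chunk from the same IV, then counts distinct 16-byte ciphertext blocks. The key, IV and chunk size are constructed demo values; input length and chunk size must be multiples of 16.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// encryptChunked runs AES-CBC over data fed in chunks, as a file encryptor does.
// chain=true carries each chunk's last ciphertext block on as the next chunk's IV;
// chain=false restarts every chunk from the original IV (the bug the post warns about).
func encryptChunked(key, iv, plaintext []byte, chunkSize int, chain bool) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, 0, len(plaintext))
	for off := 0; off < len(plaintext); off += chunkSize {
		end := off + chunkSize
		if end > len(plaintext) {
			end = len(plaintext) // the file's last chunk may be shorter
		}
		ct := make([]byte, end-off)
		cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, plaintext[off:end])
		out = append(out, ct...)
		if chain {
			iv = ct[len(ct)-aes.BlockSize:] // last ciphertext block becomes the next IV
		}
	}
	return out
}

// countDistinctBlocks counts distinct 16-byte blocks; on all-NUL input a broken chain repeats.
func countDistinctBlocks(ct []byte) int {
	seen := make(map[[aes.BlockSize]byte]struct{})
	for off := 0; off+aes.BlockSize <= len(ct); off += aes.BlockSize {
		var b [aes.BlockSize]byte
		copy(b[:], ct[off:off+aes.BlockSize])
		seen[b] = struct{}{}
	}
	return len(seen)
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed demo key (32 bytes)
	iv := []byte("fedcba9876543210")                  // constructed demo IV (16 bytes)
	zeros := make([]byte, 500000)                      // the 500.000-NUL test file
	fmt.Println(countDistinctBlocks(encryptChunked(key, iv, zeros, 1024, true)), // prints "31250 64"
		countDistinctBlocks(encryptChunked(key, iv, zeros, 1024, false)))
}
```

    With the chain intact every one of the 31250 ciphertext blocks is different; with the chain reset per chunk only 64 distinct blocks appear, repeating every 1024 bytes, which is exactly the pattern the post says to look for.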

  • #2

    Well, ah, yeah. If you're not keeping the previous ciphertext, then you're NOT doing CBC. (see NIST S.P. 800-38a, Recommendation for Block Cipher Modes of Operation)

    Also covered is the IV. For each restart (new message, file or connection; or repeating the same message, file or connection) with the same key, the IV should be a nonce. Keeping the IV secret from third parties is an enhancement. My preference is removing the unused bits from UTC SYSTEMTIME and padding with random to make the IV. Encrypt and send the IV to the distant end in ECB mode so they can have the same IV for decrypting in CBC.

    (That won't work for files to be decrypted later, because a nonce IV can't be recreated. For files, use a pass phrase/word as suggested.)

    Last edited by Dale Yarker; 20 May 2008, 09:50 AM.