AES – Page 22 – WindowsTechs.com

AES/ECB vs AES/CBC for <16 bytes [migrated]

Posted on July 20, 2020 by Andriy Gerasika

AES/ECB is commonly considered "weak" to the point that some static analysis software identifies it as not secure and suggests using AES/CBC instead.
The question is: what if size of encrypted input is always less or equal 16 byt… Continue reading AES/ECB vs AES/CBC for <16 bytes [migrated]→

Password relevance in key derivation function

Posted on July 4, 2020 by NowsyMe

I’m questioning the password used in a key derivation function, whether It makes sense to make it unique for every generated symmetric key and why

Continue reading Password relevance in key derivation function→

Client-side File Encryption With Synchronized Sharing

Posted on June 29, 2020 by NowsyMe

I have a particular cryptographic scenario where the following activities take place and conditions must be met:

User A is part of an organisation which shares all data storage internally.
User A wants to upload a file to the data storag… Continue reading Client-side File Encryption With Synchronized Sharing→

How can I convert 128-bit AES encryption key to a string using Python? [migrated]

Posted on June 25, 2020 by Hashir Sarwar

I am trying to decode my 128-bit AES key to string to store it in database. I have tried using Python built-in decode() with ascii and utf-8 codecs but it is not working.

Continue reading How can I convert 128-bit AES encryption key to a string using Python? [migrated]→

How to generate the same AES encrypted message in crypto-js? [migrated]

Posted on June 22, 2020 by user2790103

I tried setting iv or not setting iv, but encrypted messages were always different.
import CryptoJS from "crypto-js";
const iv = CryptoJS.lib.WordArray.create([0x20212223, 0x24252627, 0x28292a2b, 0x2c2d2e2f]);
const a = CryptoJS…. Continue reading How to generate the same AES encrypted message in crypto-js? [migrated]→

PyCrypto based encrypted Property class for Google App Engine standard – is this AES implementation secure

Posted on June 19, 2020 by Cameron Roberts

I have a need to encrypt OAuth access and refresh tokens stored in the Google Cloud Datastore.
The goal here is to ensure that if the Datastore entities are accessed independently of the code, the OAuth tokens will be encrypted and thus un… Continue reading PyCrypto based encrypted Property class for Google App Engine standard – is this AES implementation secure→

Format for data & key exchange/storage

Posted on June 16, 2020 by

Is there a standard format for storing/exchanging encrypted data along with the key needed to decrypt it (data is encrypted with a single use symmetric key and the symmetric key itself is encrypted with asymmetric key for the receiver)?

W… Continue reading Format for data & key exchange/storage→

Does encrypting different versions of the same file or folder with the same key make it easier for hackers to attempt the decoding? [migrated]

Posted on June 14, 2020 by Tariq Hasan

Assuming the hacker has access to the ciphers of each of the versions, will it help him/her to decipher the original file(s) by doing some sort of comparison of the ciphers?

Continue reading Does encrypting different versions of the same file or folder with the same key make it easier for hackers to attempt the decoding? [migrated]→

AES-256 ESSIV in dm-crypt

Posted on June 10, 2020 by wtdmn

I am playing around with disk encryption. https://gitlab.com/cryptsetup/cryptsetup/-/wikis/DMCrypt#iv-generators says:

essiv: “encrypted sector|salt initial vector”, the sector number is encrypted with the bulk cipher using a salt as k… Continue reading AES-256 ESSIV in dm-crypt→

Data integrity when AES key can be modified

Posted on June 10, 2020 by multithr3at3d

I found a client-server application where the server creates a random AES-256-CBC key, and gives this key to the client for use as an authentication token. The key is used on the server to encrypt a string describing the user’s privilege l… Continue reading Data integrity when AES key can be modified→