AES – Page 5 – WindowsTechs.com

AES mode for reusing same keyset

Posted on September 3, 2023 by Valmond

I’m building a sharing protocol where users share data. To make it so only those authorised to read the data can do it, I’m using AES256 encryption. Every authorized person has a keyset (IV & key) to decrypt the information. The same k… Continue reading AES mode for reusing same keyset→

Is there any benefit of encryption if the password is known?

Posted on August 24, 2023 by Okoba

Is there a benefit of encryption of a file (for example with AES-GCM), if the password is included alongside the encrypted data?
I know it sounds like a useless question, but I am curious about its side benefits.
For example, maybe it is b… Continue reading Is there any benefit of encryption if the password is known?→

Some questions about AES-128 key wrapping using RFC3394

Posted on August 17, 2023 by Sir Muffington

It’s that time of the year – I’m trying to learn how AES-128-CBC encryption works. My key is (since it’s AES-128) is 16 bytes, my IV is 16 bytes as well. My implementation of key wrapping does apparently does not help me much to comprehend… Continue reading Some questions about AES-128 key wrapping using RFC3394→

Recommended temporary key size for communication

Posted on August 9, 2023 by R-Rothrock

What I’m going to do is use AES-256 encrypted network communication to agree upon a pseudo-random key for further communications between two peers, so that every "session" utilizes a separate key, ergo cracking the key once doesn… Continue reading Recommended temporary key size for communication→

Is it possible to reverse engineer an encryption algorithm derived from AES-128 given these conditions?

Posted on August 8, 2023 by Sir Muffington

Given the following conditions:

The encryption program, which uses some algorithm resembling AES-128 but with unknown modifications to real AES-128.
It uses a fixed key and IV.
It is written in Rust WITH debugging symbols but no source co… Continue reading Is it possible to reverse engineer an encryption algorithm derived from AES-128 given these conditions?→

Is rsyncrypto secure?

Posted on July 26, 2023 by StrongBad

My information security model right now is "if you want the data that I am storing on the cloud, you can have it" and I would like to change that to "if you want the data and have a $5 wrench, you can have it." To that … Continue reading Is rsyncrypto secure?→

How to form the IV and Additional Data for TLS when encrypting the plaintext

Posted on July 24, 2023 by rare77

When using AES GCM for encryption within TLS and referring to the below diagram:

Is iv[0:3] the fixed IV established from the handshake and iv[4:11] are the current (write) sequence number + 1?

For TLS 1.2 the additional data is type || … Continue reading How to form the IV and Additional Data for TLS when encrypting the plaintext→

AES ECB cookie bypass

Posted on June 29, 2023 by user294797

I am currently participating in a CTF Challenge and have reached a stage where I discovered a "log_admin" page. This page generates a cookie that is encrypted using AES 128 ECB. I obtained this information by retrieving the page’… Continue reading AES ECB cookie bypass→

Is AES worse than OTP, if so is there proofs [migrated]

Posted on June 17, 2023 by Lingling

My train of thought went, OTP is very secure if key is unknown because I am guessing the original message. AES on the other hand tells me I gave it the wrong key, and if I did I can just switch using another key without having to worry abo… Continue reading Is AES worse than OTP, if so is there proofs [migrated]→

Why AES256 with SHA384 in TLS

Posted on May 28, 2023 by Cal-linux

Is there any concrete/solid rationale for this choice of cipher? Seems to be the default when I connect via TLS1.2 to an Apache2 server (whatever latest version on Debian 11) with configuration lines SSLCipherSuite HIGH:!aNULL and SSLProt… Continue reading Why AES256 with SHA384 in TLS→