Problem using padding oracle attack on this base64 – url coded message (AES CBC 256)

I’m supposed to write a script that will get the plaintext of a message which is firstly coded in base64, then URL coded (encoded ciphertext in AES-256-CBC). Padding is used as well such that the encoded message is a multiple… Continue reading Problem using padding oracle attack on this base64 – url coded message (AES CBC 256)

How can you change the plaintext of the given secret message which is in AES-256 CBC

Say you have the secret message encrypted with AES-256 in CBC mode

5a04ec902686fb05a6b7a338b6e07760 14c4e6965fc2ed2cd358754494aceffa

where the first 16 Byte is the initial vector, the second 16 Byte is the ciphertext. The … Continue reading How can you change the plaintext of the given secret message which is in AES-256 CBC

Should I store my encrypted password’s salt and initialization vector as clear text?

I’m encrypting some file with AES-256-CBC, and I’m planning to store the cipher text in a json file, with something like:

{
“data”: “0123456789ABCDEF…”,
“salt”: “00123ABCAABBCCDD…”,
“iv”: “000111ABCCBBCCDDFD…. Continue reading Should I store my encrypted password’s salt and initialization vector as clear text?