I am trying to read from a file and encrypt the data using AES in CFB mode with no padding
'AES/CFB/NoPadding'. The IV is 16bytes long.
Given that AES by default, works with 16 byte blocks, I would have thought of using a padding scheme if I were using CBC or any other mode but CFB. CFB essentially requires no padding for plaintext.
So the problem is that if my file contains data which is less than 16 bytes, then nothing gets encrypted. If it is greater than 16 bytes, then only the first 16 bytes get encrypted.
This clearly indicates that the block size is kicking in and if there is an underflow or overflow of bytes w.r.t. the block size, then that data/bytes are discarded.
What I don't understand is while using CFB, I need not pad the data.. right! Then why is the 16byte default block size of AES coming into action and truncating data?
CFB (short for cipher feedback) is an AES block cipher mode similar to the CBC mode in the sense that for the encryption of a block, Bi, the cipher of the previous block, Ci-1 is required. CFB also makes use of an initialization vector like CBC.
The way encryption works in AES CTR mode is that we generate some random bits with the encryption key provided and the IV. With these random bits we then XOR them with our string. This creates a randomized text.
AES 128 uses 10 rounds, AES 192 uses 12 rounds, and AES 256 uses 14 rounds. The more rounds, the more complex the encryption, making AES 256 the most secure AES implementation. It should be noted that with a longer key and more rounds comes higher performance requirements.
Block cipher algorithms like AES and Triple DES in Electronic Code Book (ECB) and Cipher Block Chaining (CBC) mode require their input to be an exact multiple of the block size. If the plaintext to be encrypted is not an exact multiple, you need to pad before encrypting by adding a padding string .
You have failed to specify the number of bits you want to feedback for that mode, and thus you are getting the default 128 bits. It sounds like you want 8 bits, for which you should use the following argument to getInstance():
Cipher.getInstance("AES/CFB8/NoPadding");
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With