Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AES/CBC/PKCS5Padding vs AES/CBC/PKCS7Padding with 256 key size performance java

Tags:

java

encryption

aes

pkcs#7

pkcs#5

I am currently using AES/CBC/PKCS5Padding for encrypting files in Java with 256 bytes key size, but while searching I found on stackexchange PKCS#5-PKCS#7 Padding and it is mentioned,

PKCS#5 padding is a subset of PKCS#7 padding for 8 byte block sizes

So I want to know

  1. Will the performance of AES/CBC/PKCS7Padding will be better then AES/CBC/PKCS5Padding for the above configuration?
  2. How can we configure the block size in Java as it is mentioned

    PKCS#7 padding would work for any block size from 1 to 255 bytes.

My sample code is,

SecureRandom rnd = new SecureRandom(); IvParameterSpec iv = new IvParameterSpec(rnd.generateSeed(16));  KeyGenerator generator = KeyGenerator.getInstance("AES"); generator.init(256); SecretKey k = generator.generateKey();  Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); c.init(Cipher.ENCRYPT_MODE, k, iv);
like image 759
dbw Avatar asked Dec 25 '13 07:12

dbw

People also ask

Is AES CBC PKCS5Padding secure?

In summary of kelalaka's answer: yes AES/CBC/PKCS5Padding can create a vulnerability to Padding Oracle attack. The modern, safe option is authenticated encryption, e.g. AES/GCM/NoPadding in modern javax. crypto.

What is AES CBC PKCS5Padding in Java?

September 4, 2018 by javainterviewpoint Leave a Comment. AES (Advanced Encryption Standard) is a strong encryption and decryption algorithm and more secure than its predecessors DES (Data Encryption Standard) and 3DES (Triple-DES).

What is the difference between PKCS5 and pkcs7 padding?

The difference between the PKCS#5 and PKCS#7 padding mechanisms is the block size; PKCS#5 padding is defined for 8-byte block sizes, PKCS#7 padding would work for any block size from 1 to 255 bytes.

Is GCM better than CBC?

AES-GCM is a more secure cipher than AES-CBC, because AES-CBC, operates by XOR'ing (eXclusive OR) each block with the previous block and cannot be written in parallel. This affects performance due to the complex mathematics involved requiring serial encryption.

1 Answers

The block size is a property of the used cipher algorithm. For AES it is always 16 bytes.

So strictly speaking, PKCS5Padding cannot be used with AES since it is defined only for a block size of 8 bytes. I assume, AES/CBC/PKCS5Padding is interpreted as AES/CBC/PKCS7Padding internally.

The only difference between these padding schemes is that PKCS7Padding has the block size as a parameter, while for PKCS5Padding it is fixed at 8 bytes. When the Block size is 8 bytes they do exactly the same.

like image 75
Henry Avatar answered Sep 22 '22 21:09

Henry
Sign in to Comment

Related questions

How to set a Spring Boot property with an underscore in its name via Environment Variables?
Error:No such property: GradleVersion for class: JetGradlePlugin
JUnit 4 @BeforeClass & @AfterClass when using Suites
How to serialize object to CSV file?
Does XMLUnit have an assert to ignore whitespace
ImmutableMap.of() workaround for HashMap in Maps?
Why does the Maven assembly plugin append the descriptor ref to the finalName value?
How to Reuse HttpUrlConnection? [duplicate]
What is Handler class? [closed]
@Autowired vs @Required on setter
Get value of a parameter of an annotation in Java
What is the difference between modules and JAR files?
What is the @linkplain tag used for and how does it differ from @link
How to check in Java App Engine if we are on development workstation
Parsing json into java objects in spring-mvc
Java command line with external .jar
How to get frequency from fft result?
How to include SQLite database in executable Jar?
When to use an Event Bus? [closed]
What is the purpose of the unsigned right shift operator ">>>" in Java?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!