I am currently using AES/CBC/PKCS5Padding
for encrypting files in Java with 256 bytes key size, but while searching I found on stackexchange PKCS#5-PKCS#7 Padding and it is mentioned,
PKCS#5 padding is a subset of PKCS#7 padding for 8 byte block sizes
So I want to know
AES/CBC/PKCS7Padding
will be better then AES/CBC/PKCS5Padding
for the above configuration?PKCS#7 padding would work for any block size from 1 to 255 bytes.
My sample code is,
SecureRandom rnd = new SecureRandom(); IvParameterSpec iv = new IvParameterSpec(rnd.generateSeed(16)); KeyGenerator generator = KeyGenerator.getInstance("AES"); generator.init(256); SecretKey k = generator.generateKey(); Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); c.init(Cipher.ENCRYPT_MODE, k, iv);
In summary of kelalaka's answer: yes AES/CBC/PKCS5Padding can create a vulnerability to Padding Oracle attack. The modern, safe option is authenticated encryption, e.g. AES/GCM/NoPadding in modern javax. crypto.
September 4, 2018 by javainterviewpoint Leave a Comment. AES (Advanced Encryption Standard) is a strong encryption and decryption algorithm and more secure than its predecessors DES (Data Encryption Standard) and 3DES (Triple-DES).
The difference between the PKCS#5 and PKCS#7 padding mechanisms is the block size; PKCS#5 padding is defined for 8-byte block sizes, PKCS#7 padding would work for any block size from 1 to 255 bytes.
AES-GCM is a more secure cipher than AES-CBC, because AES-CBC, operates by XOR'ing (eXclusive OR) each block with the previous block and cannot be written in parallel. This affects performance due to the complex mathematics involved requiring serial encryption.
The block size is a property of the used cipher algorithm. For AES it is always 16 bytes.
So strictly speaking, PKCS5Padding cannot be used with AES since it is defined only for a block size of 8 bytes. I assume, AES/CBC/PKCS5Padding is interpreted as AES/CBC/PKCS7Padding internally.
The only difference between these padding schemes is that PKCS7Padding has the block size as a parameter, while for PKCS5Padding it is fixed at 8 bytes. When the Block size is 8 bytes they do exactly the same.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With