OAEP uses a separate hash invocation to hash a (usually empty) label as well as a parameter to MGF1 (mask generation function), used for most of the OAEP padding. The hash doesn’t have that much impact on the security of OAEP, and for that reason it may be left to this default. Most libraries however … Read more
TurboPower LockBox 3.1.0 is now released. It supports: Delphi 2007 and Delphi 2010 Unicodestrings for Delphi 2010 AES, DES, 3DES, Blowfish and Twofish ciphers A long list of block chaining modes MD5 and SHA1 hashes RSA encryption, decryption, signature and verification Variable length RSA keys – Almost no contraints on the range. D-Unit test code … Read more
TurboPower LockBox 3.1.0 is now released. It supports: Delphi 2007 and Delphi 2010 Unicodestrings for Delphi 2010 AES, DES, 3DES, Blowfish and Twofish ciphers A long list of block chaining modes MD5 and SHA1 hashes RSA encryption, decryption, signature and verification Variable length RSA keys – Almost no contraints on the range. D-Unit test code … Read more
Here’s how to do it properly in CBC mode, including PKCS#7 padding: import base64 from Crypto.Cipher import AES from Crypto.Hash import SHA256 from Crypto import Random def encrypt(key, source, encode=True): key = SHA256.new(key).digest() # use SHA-256 over our key to get a proper-sized AES key IV = Random.new().read(AES.block_size) # generate IV encryptor = AES.new(key, AES.MODE_CBC, … Read more
The block size is a property of the used cipher algorithm. For AES it is always 16 bytes. So strictly speaking, PKCS5Padding cannot be used with AES since it is defined only for a block size of 8 bytes. I assume, AES/CBC/PKCS5Padding is interpreted as AES/CBC/PKCS7Padding internally. The only difference between these padding schemes is … Read more
You don’t need PyCrypto or PyMe, fine though those packages may be – you will have all kinds of problems building under Windows. Instead, why not avoid the rabbit-holes and do what I did? Use gnupg 1.4.9. You don’t need to do a full installation on end-user machines – just gpg.exe and iconv.dll from the … Read more
Q1: Is the IV returned by cipher.getIV() safe for me to use in this way? Yes, it is at least for the Oracle provided implementation. It is generated separately using the default SecureRandom implementation. As it is 12 bytes in size (the default for GCM) then you have 96 bits of randomness. The chance that … Read more
No real reason not to go with AES with 256 bits. Make sure to use this in CBC mode, and PKCS#7 padding. As you said, fast and secure. I have read (not tested) that Blowfish may be marginally faster… However Blowfish has a major drawback of long setup time, which would make it bad for … Read more
I believe the difference is the padding, not the actual encrypted data. Have you tried to decrypt the strings? I believe they will show up as the same. Why is the padding different? because they are either implementing it differently, or because one is provided a file, while the other a string, which in the … Read more
Why not use the built-in encryption algorithms? Here’s an NSData+AES i wrote which uses CCCrypt with a 256it key for AES256 encryption. You can use it like: NSData *data = [[NSData dataWithContentsOfFile:@”/etc/passwd”] encryptWithString:@”mykey”]; and decrypt it with: NSData *file = [data decryptWithString:@”mykey”]; DISCLAIMER: There no guarantee my NSData+AES is bug-free 🙂 It’s fairly new. I … Read more