Re: AES (Rijndael) Encryption with CryptoAPI

From: Pieter Philippaerts (Pieter.nospam_at_mentalis.org)
Date: 06/25/04

  • Next message: Ryan Menezes [MSFT]: "Re: AES (Rijndael) Encryption with CryptoAPI"
    Date: Fri, 25 Jun 2004 02:13:06 +0200
    
    

    "Abe Simpson" <abe@simpson.com> wrote in message
    > When I encrypt plaintext that is 1 to 15 bytes long, the resultant
    > ciphertext is always 16 bytes, and a 16-byte plaintext results in a
    32-byte
    > cipher text.

    This is normal behavior. The AES is a block cipher, which means it always
    operates on 16 byte blocks.
    If the input data is not an exact multiple of 16, the data will be padded
    until it has a length that is a multiple of 16.
    If the input data is an exact multiple of 16, the CryptoAPI will add a full
    16-byte padding block at the end of the data.

    > Rijndael specs provide sample results where 16-byte plaintext becomes
    > 16-byte ciphertext. How do I achieve the same result?

    You can simply ignore the last 16 bytes, since they are the encrypted
    padding.

    Regards,
    Pieter Philippaerts

    P.S.: in case the results of your code are not the same as the results
    you're trying to verify it with, a common mistake is that the CryptoAPI is
    little endian and virtually every other platform is big endian (Java, .NET,
    and probably the AES reference too). So you may need to reverse the key and
    IV.


  • Next message: Ryan Menezes [MSFT]: "Re: AES (Rijndael) Encryption with CryptoAPI"

    Relevant Pages

    • Re: Only people who originally frequent sci.crypt reply to this
      ... The mode of a cipher is one of the many, ... you need to get right in order to turn a secure algorithm into a secure ... there are no known attacks against AES. ... attack of any kind against a cipher, ...
      (sci.crypt)
    • Re: Is a cryptographic monoculture hurting us all?
      ... AES may well remain secure for a while but it could be broken in the ... Or worse you get protocol attacks like the GSM. ... centeralisation means that the cipher has gotta be damn tough to break. ... safe that are roughly equal in strength. ...
      (sci.crypt)
    • Quadruple Algorithms
      ... occurring" (a fatal flaw being found in AES, ... the most likely attack on your entire system, ... Threat one: Your implementation of AES has an undiscovered ... with the output of one cipher feeding ...
      (sci.crypt)
    • Re: Crypto problems in Vista
      ... I managed to call AES and SHA-1 functions from the "Microsoft Enhanced RSA ... and AES Cryptographic Provider" CSP in Vista. ... AES is a block cipher with a 16 byte block-length. ... support Output Feedback Mode." ...
      (microsoft.public.platformsdk.security)
    • Re: Cascading/Layering Group Ciphers
      ... >with AES using one key and then encrypt that ciphertext again with AES ... cipher, ... We'd need a precise unambiguous bit-level specification of what mode ...
      (sci.crypt)