AES Encryption in Java: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(3 intermediate revisions by the same user not shown)
Line 2: Line 2:


* [[Symmetric Cryptography#AES|Symmetric Cryptography]]
* [[Symmetric Cryptography#AES|Symmetric Cryptography]]
* [[Java Cryptography Concepts]]


=Overview=
=Overview=
<font color=darkgray>
AES supports key sizes of 16, 24 and 32 bytes (128, 192 and 256 bits).
Always use a fully qualified Cipher name. AES is not appropriate in such a case, because different JVMs/JCE providers may use different defaults for mode of operation and padding. Use AES/CBC/PKCS5Padding. Don't use ECB mode, because it is not semantically secure.
If you don't use ECB mode then you need to send the IV along with the ciphertext. This is usually done by prefixing the IV to the ciphertext byte array. The IV is automatically created for you and you can get it through cipherInstance.getIV()
</font>


=Example=
=Example=


{{External|[https://github.com/ovidiuf/playground/tree/master/java/cryptography/aes Playground AES Encryption]}}
{{External|[https://github.com/ovidiuf/playground/blob/master/java/cryptography/aes/src/main/java/playground/java/cryptography/aes/AesApplication.java Playground AES Encryption]}}

Latest revision as of 06:36, 24 November 2018

Internal

Overview

AES supports key sizes of 16, 24 and 32 bytes (128, 192 and 256 bits).

Always use a fully qualified Cipher name. AES is not appropriate in such a case, because different JVMs/JCE providers may use different defaults for mode of operation and padding. Use AES/CBC/PKCS5Padding. Don't use ECB mode, because it is not semantically secure.

If you don't use ECB mode then you need to send the IV along with the ciphertext. This is usually done by prefixing the IV to the ciphertext byte array. The IV is automatically created for you and you can get it through cipherInstance.getIV()

Example

Playground AES Encryption