Questions tagged [aes]
AES (Advanced Encryption Standard) is a symmetric block cipher with a 128-bit block size and key sizes of 128, 192 or 256 bits.
2,709 questions
3 votes, 3 answers, 372 views
Best way to transfer partially known data using AES-CBC
Using the AES algorithm in CBC mode, my goal is to transfer some encrypted JSON data with known keys (that means that roughly 40% to 60% of the plaintext data might be known by the attacker including ...
2 votes, 0 answers, 126 views
Why do we ignore multiplication by root Y of $x^2+x+WZ$ over GF($2^4$)? Calculating the inverse in GF(256) using subfields
I have read an article about getting the inverse element in the Galois field GF($2^8$) using the subfields GF($2^4$) and GF($2^2$):
GF ($2^2$) by adjoining a root W of $x^2+x+1$ over GF(2);
GF ($2^4$) by ...
0 votes, 0 answers, 70 views
AES-CBC with Fixed IV and known first plaintext block: Modifying a parameter spanning across block boundaries
I am trying to determine if it is possible to modify a parameter that spans across blocks given the current constraints.
The System
Algorithm: AES-128-CBC
IV: Fixed and unknown
Key: Fixed and unknown
...
9 votes, 2 answers, 1k views
Strength of AES when 32-bits of the 128-bit key are known?
This could be related to any cipher, but this is specific to some AES hardware. In this hardware, a 128-bit random number is exchanged, as one does, between hosts. Due to a hardware quirk, the last ...
1 vote, 0 answers, 78 views
How to determine the algorithm used to generate a 48-byte header for encrypted files? [closed]
I am engaged in the translation of encrypted files. I have several files encrypted in the same way.
The files consist of two parts:
48 byte header example - ...
1 vote, 1 answer, 169 views
Which AES variant for encrypted-then-signed files?
We have a system where the file will be encrypted (AES) then signed (ECDSA) during build.
At run-time, the ROM code will verify the file (ECDSA), decrypt it (AES), then boot using that file.
Since ...
3 votes, 0 answers, 66 views
Simplifying AES-SIV if no AAD is present
My goal is to build an AES-based Deterministic Authenticated Encryption (DAE) scheme that is as simple as possible.
If I look at the SIV scheme defined by Rogaway and Shrimpton, they need to define S2V to have ...
2 votes, 1 answer, 174 views
Advice on Student Project: Hybrid TRNG + PQC + AES-256 Encryption with ESP32 Communication
I am a high school student participating in a secure satellite communication idea competition. I am building a prototype to generate unpredictable encryption keys using ATECC608A (TRNG) and hardware ...
2 votes, 2 answers, 182 views
Is there an AES equivalent to the "standard" TDES test key?
When working with TDES, the "default" test key that I've always seen used is 0123456789ABCDEF FEDCBA9876543210. I've seen others, usually using a ...
0 votes, 1 answer, 157 views
Is XOR-scrambling with a seeded RNG a secure alternative to standard AES modes?
I'm writing an application that encrypts data with a shared key using AES in ECB mode. The level of security for this application isn't extremely high. But I do want to scramble the blocks before ...
3 votes, 0 answers, 118 views
Circumventing birthday bounds in AES-GCM?
I'm looking at using AES-256-GCM to encrypt data at rest (in a database) with logged-in user IDs (among possibly other things) as the authenticated data.
I'd like the application to (eventually) ...
1 vote, 2 answers, 297 views
What would be the most secure encryption system possible to protect “top-level international data”, even against quantum computers?
I'm writing a science fiction story involving highly classified data, stored and transmitted under extreme security constraints.
I’d like to know what would be considered the most secure encryption ...
0 votes, 1 answer, 148 views
Using AES GCM with IV [prefix + counter], can I just change the prefix instead of changing the whole AES key if the counter overflows?
I'm making an online Client-Server game where upon a client's connection a sessionKey is generated by the server and exchanged securely under TLS during authentication, so that the client can also ...
-3 votes, 1 answer, 169 views
AES modification
I have an idea. Generate 256 random numbers, or permute the numbers from 0 to 255 in a random way. Add a second password. Generate subkeys from the second password the same way they are generated from the first. Every round use ...
5 votes, 2 answers, 627 views
Is it insecure to use a good hash function on the data to derive the nonce for AES-CTR
This answer to a similar question on AES-GCM says that using the hash of the combination of message and key as a nonce (the left half of the counter bits, as I understand it, for AES-CTR) would be OK, but ...