Questions tagged [aes]

The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael.

829 questions
179 votes, 8 answers

Why can't the FBI read the key embedded in the iPhone's secure chip/ROM directly from hardware (silicon)?

As far as I understand, the 4 digit passcode is combined (in some fashion) with a key stored in secure read only memory (e.g. secure enclave chip or similar), where it is directly embedded into silicon wiring to help prevent unauthorized reads. But…
user9806
98 votes, 3 answers

What's the advantage of using PBKDF2 vs SHA256 to generate an AES encryption key from a passphrase?

I'm looking at two comparable pieces of software which encrypt data on disk using a passphrase. One uses PBKDF2 to generate the encryption key from a passphrase, while the other uses two rounds of SHA256. What's the difference? Is one preferred over…
Andrey Fedorov
93 votes, 4 answers

Will quantum computers render AES obsolete?

This is a spin off from: Use multiple computers for faster brute force. Here's at least one source which says that quantum computers are on the way to being able to break RSA in the not too distant future. I am not a security expert, and don't know…
BuvinJ
73 votes, 6 answers

Why would I ever use AES-256-CBC if AES-256-GCM is more secure?

I guess the gist of my question is: Are there cases in which CBC is better than GCM? The reason I'm asking is that from reading this post by Matthew Green, and this question on cryptography stack exchange, and this explanation of an attack on XML…
72 votes, 2 answers

How is WhatsApp sending end-to-end encrypted messages in push notifications?

WhatsApp implemented end-to-end encryption (whitepaper) in their latest update. How is it possible for WhatsApp to send push notifications with message contents to the Apple Push Notification service? One possible solution would be to send the…
Antwan van Houdt
71 votes, 2 answers

Security comparison of 3DES and AES

Which one is more secure and least possible to be broken through cryptanalysis, AES or 3DES (no matter performance)? I need to use encryption for my projects to store and secure sensitive information which includes bank accounts, sort codes, and…
DaGhostman Dimitrov
64 votes, 2 answers

Why has the NSA had a hand in deciding on encryption standards?

The NSA has had a large hand in the design of at least two significant encryption standards: the Digital Encryption Standard, and its successor, the Advanced Encryption Standard. Because of their involvement, there is much speculation of backdoors.…
IQAndreas
59 votes, 3 answers

When using AES and CBC, is it necessary to keep the IV secret?

If I encrypt some data with a randomly generated Key and Initialization Vector, then store all three pieces of information in the same table row; is it necessary to encrypt the IV as well as the Key? Simplified table structure: Encrypted data Key…
Stu Pegg
54 votes, 4 answers

How secure is 7z encryption?

I have a text file in which I store all my bank details. I compress and encrypt it with 7-Zip using the following parameters: Compression parameters: Archive format: 7z Compression level: Ultra Compression method: LZMA2 Dictionary size: 64…
48 votes, 5 answers

openssl: recover key and IV by passphrase

A large amount of files were encrypted by openssl enc -aes-256-cbc -pass pass:MYPASSWORD Openssl should derive key+IV from passphrase. I'd like to know key+IV equivalent of that MYPASSWORD. Is that possible? I know MYPASSWORD. I could decrypt…
Sergey Romanovsky
43 votes, 5 answers

RSA maximum bytes to encrypt, comparison to AES in terms of security?

What is the maximum number of bytes for encrypting a plaintext message using RSA that is reasonably secure and also efficient and would AES be better for the same size in bytes? The encryption doesn't have to be public by the way, I'm just wondering…
pandoragami
43 votes, 3 answers

Is it safe to use Dropbox in its present state?

For the record, I understand that absolutely no service is safe, and "the only way to keep a computer from getting hacked is to never connect it to the network". So, we've got that out of the way. I wanted to understand the Dropbox has started…
Abhishek Sha
41 votes, 5 answers

Encryption - should I be using RSA or AES?

My model is one where I have several clients which wish to speak with some (but not all) of the other clients. All messages will be sent through a server. Only the two clients communicating with each other should be able to know the message. So the…
Cheetah
37 votes, 4 answers

Can someone explain what exactly is accomplished by generation of DH parameters?

I'm setting up a node.js server: https.createServer({ ... ciphers: 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH', honorCipherOrder: true }, app).listen(443); This is able to achieve an SSLLabs A rating, which…
Steven Lu
37 votes, 1 answer

Why does AES encryption take more time than decryption?

While I was studying the time consumed by some methods I found that encryption takes more time than decryption. Is this right? I am using AES (the same steps will be taken during the enc and dec)
BOB