I need to transmit long encrypted messages to a smartcard over a limited capacit
Question
I need to transmit long encrypted messages to a smartcard over a limited capacity link, so I need to fragment the messages somewhere before sending them.
My problem is that I split the message into 64-byte blocks and then apply PKCS#7 padding. The result is that the padded message always ends with a full block of 16s before encryption. Does this pose a security problem, since an attacker will know the last plaintext block?
One possible solution I might use is splitting into blocks of size 64+x instead, with x random between 0 and 15, so the padding will not be predictable. Is this a good/better idea?
PS: I use AES-CBC with 128-bit keys.
Explanation / Answer
No, it is not a problem to have the same padding at the end of a message. Some known plaintext is often available in practice (protocol fields, etc.). The security of the system is (or at least should be) based entirely on the key.
If you are really worried about it for some reason, just change the IV for each 64-byte block. Or, as CodesInChaos said in a comment, if messages are always a multiple of 16 bytes, don't even use padding.
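The fragmentation described in the question, and the unpadded alternative mentioned in the answer, as an added example that is not part of the original question or answer. It builds only the plaintext buffers that would be handed to AES-CBC (encryption and IV handling are left out); the function names and the 256-byte `MSG` are constructed for illustration.

```python
BLOCK = 16  # AES block size in bytes


def pkcs7_pad(data, block=BLOCK):
    """Append n bytes of value n, 1 <= n <= block (a whole block if aligned)."""
    n = block - (len(data) % block)
    return data + bytes([n]) * n


def pkcs7_unpad(data, block=BLOCK):
    """Strip PKCS#7 padding, rejecting malformed input."""
    if not data or len(data) % block:
        raise ValueError("length is not a positive multiple of the block size")
    n = data[-1]
    if not 1 <= n <= block or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid PKCS#7 padding")
    return data[:-n]


def fragment(message, size=64):
    """Split the message into fragments of at most `size` bytes."""
    return [message[i:i + size] for i in range(0, len(message), size)]


def cbc_inputs(message, size=64, pad=True):
    """Return one plaintext buffer per fragment, ready for AES-CBC.

    pad=True  : PKCS#7 on every fragment (the question's scheme).
    pad=False : no padding; only valid when every fragment is already a
                multiple of 16 bytes, as the answer suggests.
    """
    frags = fragment(message, size)
    if pad:
        return [pkcs7_pad(f) for f in frags]
    if any(len(f) % BLOCK for f in frags):
        raise ValueError("unpadded mode needs 16-byte-aligned fragments")
    return frags


def bytes_on_link(buffers):
    """CBC ciphertext is as long as its input, so this is the link cost (IVs excluded)."""
    return sum(len(b) for b in buffers)


MSG = bytes(range(256))  # constructed sample: four 64-byte fragments
```

With padding, each 64-byte fragment grows to 80 bytes and ends in sixteen 0x10 bytes; without it, the same fragments cost 64 bytes each on the link.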