Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

I have two different crypto libraries I created, one is in java and uses the sta

ID: 661199 • Letter: I

Question

I have two different crypto libraries I created, one is in java and uses the standard built-in java crypto libraries.

The other uses openssl and has been wrapped in java through the JNI.

I'm currently replacing the default java library code with the openssl library code, and verifying the encryptions against each other to make sure nothing breaks for my end user. I'm curious, because java is only guaranteed to support 128 bit keys using its implementation of PBKDF2, so I'm using AES CBC 128 with java. I had originally coded for AES CBC 256 in openssl, not thinking.

What I'm curious about is this: When I input a 256 bit key into java's AES CBC 128, I got the same output as I did for openssl's AES CBC 256. When I input a 128 bit key into AES CBC 128, I got a different output than when I input the same key into openssl's AES CBC 256. (I used the same 16 byte IV across all trials)

I assume the two different encryption schemes would generate completely different results, so I'm confused as to why this is happening. I thought I had a better understanding of the cipher than it appears I actually do.

Apologies if this is a painfully obvious result, I'm still somewhat new to crypto.

Explanation / Answer

"AES-128" means "AES used with a 128-bit key". "AES-256" means "AES used with a 256-bit key". By definition, you should use a 128-bit key with AES-128, and a 256-bit key with AES-256.

What happens when you give a 256-bit key to AES-128, or a 128-bit key to AES-256 ? By all rights, it should blow up in your face. However, some implementations are more tolerant. Some implementations will automatically adjust to the provided key size; in that case, when you put a 256-bit key into AES-128, the AES-128 implementation morphs into an AES-256 implementation (AES-128, AES-192 and AES-256 are very similar internally; they differ only by the number of rounds; so it makes sense that they share most of their code). Some other implementations will ignore your "key length" and grab the bytes they believe they need; e.g. you give a 256-bit key to an AES-128, and only the first 128 bits get used. Since you are doing things out of specification, this is the realm of the bug, and anything goes.

Related Questions

I have trouble doing the calculations on my study guide, and I need to know how
Question #9303
I have trouble getting the function parameters right. Here\'s the question and o
Question #440320
I have trouble on physics question, please answer it and show the work. thank yo
Question #1549826
I have trouble on physics question, please answer it and show the work. thank yo
Question #1601448
I have trouble to solve these questions so please someone help me out. I\'ll tha
Question #3591564
I have trouble understanding Turing\'s halting problem. His proof assumes that t
Question #649286
I have trouble with figure out this can anyone help Evaluating a Limit 2014A Mul
Question #2839505
I have trouble with question c Three salespeople decide to pool their commission
Question #3070241

Navigate

Previous
I have two different classes, Accounts and Transactions, where constructs and ge
Next
I have two different problems for each presented and I don\'t know how to begin: