Questions tagged [aes]
The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael.
882 questions
0 votes
0 answers
17 views
For AES-GCM, why do protocols not use the nonce to prevent replay attacks? [migrated]
For protocols using AES-GCM, it appears to be common practice to store the sequence number in the additional authenticated data (AES_GCM and TLS sequence number). I have not found any instances of ...
3 votes
1 answer
3k views
Are there any security concerns with this authentication flow?
I’m in the process of developing a native app and am currently trying to come up with a workflow to secure the communication between my app and the server. I’ve done a lot of research and have not ...
2 votes
1 answer
468 views
Is there any reason to choose A256GCMKW over A256KW in JSON Web Encryption?
When implementing JSON Web Encryption (JWE), I understand the reasons why you might choose A256KW over DIR. But, now I notice there is also A256GCMKW as an optional part of the JWE standard (see ...
2 votes
1 answer
957 views
Encryption to use when limited data for a chosen plaintext attack is available
Consider the following use case: User can choose a key. The key is used to encrypt files to be stored on a server. Some file and directory names are easily guessed from the nature of the software, ...
1 vote
1 answer
133 views
AES-256 Encrypted Text Differs [closed]
I am learning about how AES encryption works. I understand the overall process, but I think I've missed something. Let's say I have this text to encrypt: "vulkanski izbruh" – 16 characters (...
1 vote
1 answer
126 views
Does bearssl contain AES-GCM implementation?
In BearSSL webpage it has been claimed that bearssl supports AES/GCM: "BearSSL currently implements AES/CBC, AES/GCM, AES/CCM and 3DES/CBC cipher suites." But I cannot find any function in its GitHub ...
8 votes
1 answer
1k views
Is it Secure to Use a Single AES-GCM Encryption Key for an Entire Database if Unique IVs and Tags Are Generated?
I'm currently developing a backend service where I need to encrypt sensitive data stored in a database. I'm planning to use the AES-GCM (Galois/Counter Mode) encryption algorithm for this purpose. My ...
5 votes
1 answer
846 views
In AES GCM, would using different nonces that are close reveal data?
Starting from a known nonce, AES GCM uses a counter to sequentially generate new numbers that are the input to the encryption function. If by chance two nonces from two distinct runs of AES GCM were ...
5 votes
2 answers
1k views
What's a good way to append a nonce to ciphertext in Python for AES GCM in Python?
I'm not a security expert, so please excuse this question if it's silly, but I would really like an answer. I am using AES GCM to encrypt and would like to combine the randomly generated nonce with ...
2 votes
1 answer
244 views
Using PBKDF2 in combination with AES-KW defeats usage of BCrypt password hashes?
We are currently implementing envelope encryption for our app. That means, we need to derive a key from a user's password, which then will be used as a key encryption key (KEK) to wrap another key ...
3 votes
1 answer
770 views
Any information on the encrypted Knoppix user data file system (knoppix-data.aes)?
I remember about 90% of my password used for encrypting the persistent user data file system (stored as knoppix-data.aes) while setting up Knoppix a few years ago and would now like to explore the ...
2 votes
2 answers
269 views
Best way to symmetrically encrypt multiple files using a password
I would like to encrypt many files using symmetric encryption such as AES256, using a single memorised password. I was planning to use gpg but gpg symmetric encryption does not work with --multifile ...
0 votes
1 answer
56 views
Is the example in the QUIC spec for header encryption wrong, or have I missed something?
In the QUIC spec, they've provided an example of header protection: https://datatracker.ietf.org/doc/html/rfc9001#name-sample-packet-protection They've got the following process (paraphrasing): hp = ...
0 votes
2 answers
181 views
Impact of using the AES-GCM key as AEAD associated data
Will using the AES-GCM key as AEAD associated data potentially weaken the security or bring any adverse impact? Before this question, perhaps I should ask, can an attacker extract AEAD associated data ...
2 votes
1 answer
500 views
How can I ensure nonrepeating IV with AES/GCM encryption?
I'm trying to encrypt files before storing them on my hard drive using AES/GCM encryption in Java. I currently have the following code: byte[] iv = new byte[GCM_IV_LENGTH]; SecureRandom random = new ...