Various examples I've seen use "AES/CBC/PKCS7Padding" when I get a cypher instance. Obviously AES is the crypto algorithm, what is CBC? What are the pros and cons of various different padd开发者_运维知识库ing approaches like PKCS7Padding?
I wish to use this to encrypt individual UDP packets end-to-end - any reason that would be unwise?
As far as the CBC mode of operation is concerned, it is recommended to use it in place of ECB when possible. Especially on plain text encryption, or data that repeat a lot. (Network protocols obviously belong to this category)
The ECB (Electronic Code Block) process each block independently. Thus identical blocks will be encrypted identically for each occurrence in the stream. With CCB (Cipher Block Chaining) the state of the previous block encryption is propagated, then identical block are coded with a different salt which makes the result differs from one to another occurrence of an identical block.
On the padding thing. The objective is to be able to unambiguously remove the padding in the decrypt process. I did not go through the "why" one is better than an other, but I you can find some explanation in Niels Ferguson and Bruce Schneier book since they recommend PKCS padding or the 0x80 0x00 ... padding.
Take care when using your AES over multiple languages and/or cryptographic librairies. In fact, implementations seem to differ a lot for that single algorithm. Sometimes, it's just default parameters, sometimes there are no other parameters.
CBC: see http://en.wikipedia.org/wiki/Cipher_block_chaining
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论