MichaelAttard

Reputation: 2158

Is it possible to check the integrity of data encrypted using AES?

I am encrypting my payload using AES, before sending it over a TCP connection. Is it possible to verify whether it has been modified during transit by someone who doesn't have access to the shared key?

To expand, does this make sense?

Before sending:

1) Generate SHA256 hash from payload -> payload hash

2) Generate SHA256 hash from payload hash + shared secret -> final hash

On payload receive repeat above steps and compare hashes.

Upvotes: 0

Views: 149

Answers (1)

Maarten Bodewes

Reputation: 94038

You are trying to generate an HMAC function. Please use an HMAC function that uses SHA-256 instead. Please use an HMAC over the ciphertext, or you may be vulnerable to padding oracle attacks. It's best practice to use separate MAC & encryption keys, but for HMAC you can probably get away with a single key.

Note that the default method of transport layer encryption should be TLS, which already incorporates integrity & authenticity plus nice things like entity authentication, session key establishment, perfect forward secrecy, well studied protocols and algorithms etc. etc.

Upvotes: 1
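An added example (not part of the answer above, and not the asker's code) of the layout the answer recommends: HMAC-SHA256 computed over the IV and ciphertext, with separate MAC and encryption keys, and checked before any decryption happens. The frame layout, the key-derivation labels and all function names are assumptions of this example; the ciphertext is treated as opaque bytes standing in for AES output.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output size in bytes
IV_LEN = 16   # AES block size in bytes


def derive_keys(shared_secret: bytes) -> tuple[bytes, bytes]:
    """Split one shared secret into separate encryption and MAC keys.
    The labels are hypothetical; any fixed, distinct labels work."""
    enc_key = hmac.new(shared_secret, b"example-enc", hashlib.sha256).digest()
    mac_key = hmac.new(shared_secret, b"example-mac", hashlib.sha256).digest()
    return enc_key, mac_key


def seal(mac_key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """Frame = 4-byte big-endian length || IV || ciphertext || tag,
    where tag = HMAC-SHA256(mac_key, IV || ciphertext)."""
    body = iv + ciphertext
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return struct.pack(">I", len(body) + TAG_LEN) + body + tag


def open_frame(mac_key: bytes, frame: bytes) -> tuple[bytes, bytes]:
    """Verify the tag and return (iv, ciphertext) for decryption.
    Raises ValueError on any mismatch, so unauthenticated bytes
    never reach the AES/padding code."""
    if len(frame) < 4:
        raise ValueError("short frame")
    (length,) = struct.unpack(">I", frame[:4])
    payload = frame[4:]
    if length != len(payload) or length < IV_LEN + TAG_LEN:
        raise ValueError("bad length")
    body, tag = payload[:-TAG_LEN], payload[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC mismatch")
    return body[:IV_LEN], body[IV_LEN:]


def accepts(mac_key: bytes, frame: bytes) -> bool:
    """True only if the frame authenticates under mac_key."""
    try:
        open_frame(mac_key, frame)
        return True
    except ValueError:
        return False
```

The receiver decrypts only what `open_frame` returns; a frame that fails verification is dropped with the same error regardless of which check failed.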
