Confused about AES cipher version

Question

I'm trying to implement AES256 encryption into an android app. Data is coming from a server encrypted, I've been using the Android library JNCryptor to decrypt the data. It successfully does this, but it's very slow. I wanted to try Facebook's Conceal library because it reports having faster encryption and decryption speeds. My first implementation was decrypting a string from the server with the Conceal library. My problem comes when I try to pass the byte[] of the encrypted string to the decrypt function in Conceal.

ByteArrayInputStream bin = new ByteArrayInputStream(Base64.decode(encStr, Base64.DEFAULT));
    InputStream cryptoStream = null;
    try {
        cryptoStream = crypto.getCipherInputStream(bin, new Entity("test"));
...

The crash comes because the given cipher version, which is found by getting the first byte of the byte [] does not equal the expected Conceal cipher version number 1.

I then looked at the encryption side of Conceal and saw this is just a number set during the encryption.

To double-check I then looked over the JNCryptor source code and saw it sets and looks for Cipher Version numbers 2 and 3.

I guess my questions are: What is the significance of the Cipher Version number? Would I be able to get the Conceal library to decrypt this data or are they just encrypted in totally different ways?

Answer 1

They are completely unrelated. For instance, Conceal seems to use GCM mode of encryption (which includes authentication) and RNCrypt uses AES in CBC mode and HMAC for authentication. Besides that it uses passwords and PBKDF2 instead of keys directly (although implementations like JNCryptor may include shortcuts to use keys directly - thanks Duncan).

Both are relatively minimalistic proprietary cryptographic formats, and both use AES. That's where he comparison ends.