cool breeze
Reputation: 4811
AES encryption using C# and decryption in Java
I just want to confirm my understanding of how AES works.
If company#1 is encrypting the data, and sending this data to company#2 to decrypt, and let's presume that one of them uses C# and the other Java.
As long as both are using the same shared secret key, is there anything else setting/configuration wise both parties should agree upon to make sure the data is correctly encryption and decrypted?
Upvotes: 1
Views: 619
Answers (1)
Artjom B.
Reputation: 61902
There is a lot that both have to agree upon:
- shared secret key
- How long is it? (Is key padding required?)
- Is the actual key derived from another key or password with an additional salt?
- Which key derivation function is used and what are their parameters? PBKDF2, bcrypt, scrypt, ...
- Is the IV derived together with the key? (usually by requesting key size + IV size output from the key derivation function)
- cipher characteristics:
- block cipher like AES, Triple DES, Twofish, Rijndael, ...
- cipher parameters such as block size in case it is variable
- mode of operation like CBC, CTR, CFB, ...
- for IV-based modes: How is the IV generated? Is it generated randomly and put into the container format or is it derived together with the key from a password and therefore doesn't need to be put into the ciphertext container?
- for nonce-based modes like CTR: How big is the nonce (sometimes referred to as IV)?
- for parametrized modes like CFB: How big is a segment?
- padding mode like PKCS#7 padding (which is also referred to as PKCS#5 padding), ZeroPadding, ...
- block cipher like AES, Triple DES, Twofish, Rijndael, ...
- authentication (if any):
- as mode of operation like GCM, EAX, SIV, ...
- as separate encrypt-then-MAC/MAC-then-encrypt/encrypt-and-MAC scheme with a MAC like HMAC-SHA256, CMAC, HKDF, GHASH, ...
- encoding of each component like Hex, Base32, Base64 or simply binary (no encoding)
- Is everything encoded together into a textual format from the finished binary format or are the components encoded separately and concatenated together?
- format:
- Where to put IV/nonce/salt (if any)? (usually before the actual ciphertext)
- Where to put authentication tag (if any)? (usually after the actual ciphertext)
- Is Cryptographic Message Syntax applicable?
Upvotes: 3
Related Questions
- Encrypt in java and Decrypt in C# For AES 256 bit
- AES Encryption in C# and decryption in CryptoJS
- AES 256 java and .Net compatible encryption and decryption?
- AES encryption/decryption from c# to java
- AES Encryption in Java and Decryption in C#
- Decrypting AES from C#, Encrypted from Java
- AES Decryption - Porting code from C# to Java
- Implement Java Decryption AES Algorithm in C#
- C# / Java | AES256 encrypt/decrypt
- AES encryption/decryption between C# (encryption) and Java (decryption)