aspose file tools*
The moose likes Security and the fly likes JCE - AES block size 256 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "JCE - AES block size 256" Watch "JCE - AES block size 256" New topic
Author

JCE - AES block size 256

DotNet Java
Greenhorn

Joined: Dec 23, 2009
Posts: 4
I am using a 3rd party .NET product which decrypts text with AES ( keysize = 256, block size=256, PKCS7, CBC).

My client program that encrypt the text is in java. I am using JCE (IBMJCE). I am not able to figure out how to set the AES block size to 256 in java. By default the size is 128. I am using PKCS5 padding with CBC mode.

Please advice how to set the block size to 256 in java JCE/IBMJCE for AES. Request your urgent advice.
Pat Farrell
Rancher

Joined: Aug 11, 2007
Posts: 4646
    
    5

Are you specifying AES-256 instead of plain old AES?
greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
keysize = 256, block size=256,


AES does not support a block size of 256 bits, it only supports a block size of 128 bits. You specify a AES-256 by providing a Key object to the Cipher that has been initialized with a 256 bit key. You will need to install the JCE Unlimited Strength Jurisdiction Policy Files to use AES keysizes larger than 128 bits.


Nice to meet you.
DotNet Java
Greenhorn

Joined: Dec 23, 2009
Posts: 4
yes, I am using AES256 with keysize=256. I have put in the unrestricted jar files in jre/lib/security.

In .NET, vendor explicitly specified blocksize=256 in his code. When I use the dotNET code to encrypt the exactly same plain text with same key and iv ( as I used in java )
the encrypted string is much longer than that in java.

Just to try out, I changed the .NET blocksize=128 ( same as java default) and I get the same results in .NET and java. (.NET is using Rjndal alogrithim.)

Therefore, I guess block size of 256 versus 128 in .NET makes the difference. Now I want to try java AES with 256 blocksize to see if the results are same.
But I am unable to find any API that I can use to set block size =256

As per Greg, java AES supports only 128. Then does it mean I'll never be able to interop between .NET ( block size = 256 )and java (block size =128) using AES ?
I am confused. Please advice


greg stark
Ranch Hand

Joined: Aug 10, 2006
Posts: 220
As per Greg, java AES supports only 128

That's not exactly what I said. AES, the algorithm, as specified by NIST, only supports a block size of 128 bits. Rijndael, upon which AES is based, does support other block sizes. The SunJCE implementation only does AES, so it only does the 128 bit block sizes. The vendor really shouldn't be using Rijndael with a 256-bit block size. If folks would just stick with standards they would get interoperability. If you must use Rijndael with a 256-bit blocksize you can find various open source implementations of Rijndael, including in the bouncycastle.org lightweight crypto library in the RijndaelEngine class.
DotNet Java
Greenhorn

Joined: Dec 23, 2009
Posts: 4
thanks Greg. I'll try out the bouncycastle stuff. If you know of any other good java open source library let me know.

Happy Holidays.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JCE - AES block size 256