What size of initialization vector needed for AES-256 encryption in java?

java encryption aes
19,991

TL;DR: AES in CFB mode requires a unique (but not necessarily randomized) IV of 16 bytes.

The size of the IV depends on the mode, but typically it is the same size as the block size, which for AES is always 16 bytes. There are modes that differ from this, notably GCM mode which has a default size of 12 bytes but can take any sized IV - although keeping to the default is highly recommended.

The old school modes such as CBC and CFB however simply require an IV of the same size as the block size. Even CTR commonly requires 16 bytes, although in principle the IV can be any size less than 16, in which case it is (again, commonly) right padded with zero valued bytes. Note that CTR is often initialized with an initial counter value which means you must make sure that the counter is not repeated yourself.

The block size of AES is 16 bytes, whatever the key size. Saying that you have AES-256 and a key of 32 bytes is superfluous information. For AES-256 the key size must be 256 bits or 32 bytes.

The IV for CFB mode - as stated earlier - must always be 16 bytes as AES is a 128 bit block cipher. AES is restricted with regards to the block size compared with the Rijndael cipher. Rijndael may be configured with different block sizes.

Share:
19,991
Mahendra Take
Author by

Mahendra Take

Updated on June 24, 2022

Comments

  • Mahendra Take
    Mahendra Take about 2 years

    I am using AES-256 encryption with CFB mode. I have to use 32 byte key. But I am little bit confused about the initialization vector. How many bytes of initialization vector should be used with AES-256 ? Is it 16 bytes or 32 bytes ?

    Any code example will be appreciated.

  • dave_thompson_085
    dave_thompson_085 over 4 years
    Nit, since necroed: saying AES-256 key is 32 bytes in Java (where byte is 8 bytes, not always the case elsewhere) is redundant, duplicative, unnecessary, superflous, and some other unflattering adjectives -- but not spurious. Upvoted anyway :-)
  • Maarten Bodewes
    Maarten Bodewes over 4 years
    @dave_thompson_085 That was quite an extreme nitpick, you must have a tunneling microscope over there :)
  • dave_thompson_085
    dave_thompson_085 over 4 years
    Not really; it's quite obvious to me just reading the text. But as I indicated, perhaps too tersely, I agree it's not at all important (nit) and I would not have posted it except that this Q was already 'risen from the dead' (necroed) by another update. :):)
  • jacobq
    jacobq about 4 years
    I was about to edit and replace "spurious" with "inconsistent/contradictory" but then I saw that one definition of spurious is actually "Not trustworthy; dubious or fallacious.", so in that sense the usage is not completely wrong.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Encryption in Java and Decryption in Flutter (AES-256)
java.security AES encryption key length
Java AES 256 encryption
Looking for an encrypt/decrypt AES example for Android
In AES decryption, "Given final block not properly padded" occurred
Java AES Encrypt Entire String
AES: how to generate key from password for every algorithm size
CryptoJS AES encryption and JAVA AES decryption value mismatch
Storing AES Secret key using keystore in java
java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DER input, Integer tag error