• CBC mode: Each 16-byte block of plaintext is XORed with the previous ciphertext block before being encrypted. This
way, each ciphertext block depends on all plaintext blocks processed up to that point. To make each message unique, an
initialization vector must be used in the first block. The initialization vector is 16 bytes long, the same size as the data
block. Notice that this mode is not supported by Meshlium.
Figure : ECB mode encryption
A block cipher works on fixed-size blocks, but messages come in a variety of lengths, so some modes of operation require that
the final block be padded before encryption. Several padding schemes exist; this library provides two:
• ZEROS: this method adds 0s until the last block is complete. Notice that this mode is the only one supported by
Meshlium.
• PKCS5: this method pads the input at the trailing end with k - (l mod k) octets all having value k - (l mod k), where l is the
length of the input and k is the block size in octets. Notice that this mode is not supported by Meshlium.
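The two padding schemes side by side, as an added example that is not code from the library described here: ZEROS cannot be removed unambiguously when the payload itself ends in 0x00 bytes, while PKCS5 encodes its own length and can be validated. The function names and the sample payload are hypothetical, and the example assumes ZEROS adds nothing when the last block is already complete.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BLOCK 16 /* AES data block size in bytes (k in the PKCS5 formula) */

/* ZEROS: fill the last block with 0x00; assumes a complete block gets no padding. */
size_t pad_zeros(uint8_t *buf, size_t l) {
    size_t padded = (l + BLOCK - 1) / BLOCK * BLOCK;
    memset(buf + l, 0x00, padded - l);
    return padded;
}

/* ZEROS carries no length marker: the receiver can only strip trailing 0x00. */
size_t unpad_zeros(const uint8_t *buf, size_t padded) {
    while (padded > 0 && buf[padded - 1] == 0x00) padded--;
    return padded;
}

/* PKCS5: append k - (l mod k) octets, each with value k - (l mod k). */
size_t pad_pkcs5(uint8_t *buf, size_t l) {
    uint8_t n = (uint8_t)(BLOCK - (l % BLOCK)); /* 1..16, never 0 */
    memset(buf + l, n, n);
    return l + n;
}

/* Returns the original length, or (size_t)-1 if the padding is malformed. */
size_t unpad_pkcs5(const uint8_t *buf, size_t padded) {
    if (padded == 0 || padded % BLOCK != 0) return (size_t)-1;
    uint8_t n = buf[padded - 1];
    if (n == 0 || n > BLOCK) return (size_t)-1;
    for (size_t i = 0; i < n; i++)
        if (buf[padded - 1 - i] != n) return (size_t)-1;
    return padded - n;
}

/* Constructed sample: a 14-byte binary payload that ends in two 0x00 bytes. */
static const uint8_t SAMPLE[14] = {0x01, 0x17, 0x2A, 0x03, 0x00, 0x5C, 0x10,
                                   0x09, 0x44, 0x21, 0x07, 0x63, 0x00, 0x00};

/* Pad then unpad SAMPLE; returns the length the receiver would recover. */
size_t roundtrip(int use_pkcs5) {
    uint8_t buf[2 * BLOCK];
    memcpy(buf, SAMPLE, sizeof SAMPLE);
    return use_pkcs5 ? unpad_pkcs5(buf, pad_pkcs5(buf, sizeof SAMPLE))
                     : unpad_zeros(buf, pad_zeros(buf, sizeof SAMPLE));
}

int main(void) {
    printf("ZEROS recovers %zu, PKCS5 recovers %zu of 14 bytes\n", roundtrip(0), roundtrip(1));
    return 0;
}
```

With ZEROS, binary payloads need their length carried separately (for example in a frame header) so the receiver does not truncate legitimate trailing zero bytes.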
AES Algorithm    Key Size    Data Block Size
AES-128          128 bits    16 bytes
AES-192          192 bits    16 bytes
AES-256          256 bits    16 bytes
Confidentiality (privacy)
v7.0