23

I want to know if there is any difference between these two encryption methods. I have never used these before. My client asked me to use AES-128 encryption, but when I google it, it shows me "aes-128-cbc", "aes-128-ctr", "aes-256-cbc", or "aes-256-ctr", so I want to know which one I should use that will be like AES-128?

reference link : this is where I have to send encryption method

Umair Malik
  • 1
    "aes-128" doesn't specify a mode, but the "aes-128-*" ciphers do. It's not clear which mode "aes-128" defaults to, so you should find that out first. – Artjom B. Oct 14 '15 at 10:37

4 Answers

48

3 things:

  • AES: Advanced Encryption Standard. This is the name of the encryption algorithm (symmetric encryption). Other symmetric encryption algorithms are: DES, 3-DES etc.
  • 128: This probably refers to the key size. AES encryption uses 3 key sizes (128bit, 192bit and 256bit). Block size in AES is also 128 bits.
  • CBC: This is the mode of encryption that you want. There are a number of modes of encryption, which depend on how fast you want your algorithm to work, parallelism and level of security. A few modes are CBC (Cipher Block Chaining), ECB (Electronic Code Book), CFB (Cipher Feed Back), CTR (Counter) etc.

Now, your client asked you to encrypt using AES-128. So, you should be using AES encryption with 128 bit key size. Any mode you can use will be of your preference. I'd prefer CBC.

vish4071
  • 6
    Strongly consider switching from CBC to CTR+HMAC – Scott Arciszewski Oct 14 '15 at 20:59
  • 1
    @ScottArciszewski, HMAC is a message authentication scheme using hash comparison. That can always additionally be done along with any encryption that is performed. I think I'd still prefer CBC + HMAC (Sha-1/2) over CTR (+ HMAC), and that too with some salt. – vish4071 Oct 15 '15 at 07:51
  • 3
    Honestly, the security margins for both are interchangeable. CTR mode has the advantage that you avoid having to deal with padding, since it transforms AES into a stream cipher and xors the keystream with your plaintext. Defuse's encryption library 2.0 is set to use what's effectively a 256-bit nonce (128-bit nonce, and a 128-bit salt for HKDF, so even if the nonce collides, the keypair for that message will not) -- assuming my PR is merged of course. This means that a birthday collision will happen with 50% probability after 2^128 messages. – Scott Arciszewski Oct 15 '15 at 14:00
  • CBC without MAC is worth nothing at all. – Antti Haapala -- Слава Україні Nov 08 '17 at 10:02
22

Just a quick note on CBC vs ECB. When you encrypt using ECB, every 128 bit (depending on the block size) of data gets encrypted with the same key. If there is any pattern in the plaintext, the resulting encrypted text will also be predictable, no matter how good the encryption algorithm is.

ECB:

Plain text: aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa
            ---------------- ---------------- ----------------
Encrypted:  bdefjakjapqeiowp bdefjakjapqeiowp bdefjakjapqeiowp

If you use CBC, the first block gets XOR'd with the IV (initialization vector) and encrypted with the key and the second block gets XOR'd with the first block and then encrypted with the key, the third with the second. The resulting cipher is then less vulnerable to frequency analysis.

[Image: CBC encryption mode]

This image is taken from Wikimedia Commons, the free media repository

The disadvantage is that you cannot parallelize the encryption/decryption since you need the result of the previous block, so it may be slower. But in practice, it makes no real difference.

shibli049
Vincent
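
An added example (not from any of the posts above), written for Node.js because its built-in crypto module accepts the same OpenSSL cipher names as in the question. It shows the repeated-block leak of ECB described in the answer above next to CBC with a random IV, and the encrypt-then-MAC construction the comments recommend. The function names, the separate MAC key and the IV || ciphertext || tag layout are assumptions of this sketch.

```javascript
const crypto = require('node:crypto');

// Split a ciphertext into 16-byte AES blocks (hex) so repeats are visible.
function blocks(buf) {
  const out = [];
  for (let i = 0; i < buf.length; i += 16) out.push(buf.subarray(i, i + 16).toString('hex'));
  return out;
}

// Encrypt with one of the OpenSSL cipher names from the question.
// ECB takes no IV (pass null); CBC and CTR take a 16-byte IV.
function encrypt(name, key, iv, plaintext) {
  const c = crypto.createCipheriv(name, key, iv);
  return Buffer.concat([c.update(plaintext), c.final()]);
}

// Encrypt-then-MAC: AES-128-CBC, then HMAC-SHA256 over IV || ciphertext.
// Assumed layout of the sealed message: IV (16) || ciphertext || tag (32).
function seal(encKey, macKey, plaintext) {
  const iv = crypto.randomBytes(16);
  const ct = encrypt('aes-128-cbc', encKey, iv, plaintext);
  const tag = crypto.createHmac('sha256', macKey).update(iv).update(ct).digest();
  return Buffer.concat([iv, ct, tag]);
}

// Check the tag in constant time before decrypting; return null on failure.
function open(encKey, macKey, msg) {
  if (msg.length < 16 + 16 + 32) return null;
  const iv = msg.subarray(0, 16);
  const ct = msg.subarray(16, msg.length - 32);
  const tag = msg.subarray(msg.length - 32);
  const want = crypto.createHmac('sha256', macKey).update(iv).update(ct).digest();
  if (!crypto.timingSafeEqual(tag, want)) return null;
  const d = crypto.createDecipheriv('aes-128-cbc', encKey, iv);
  return Buffer.concat([d.update(ct), d.final()]);
}

// Constructed sample: three identical 16-byte plaintext blocks under one key.
function demo() {
  const key = crypto.randomBytes(16);
  const pt = Buffer.from('a'.repeat(48));
  return {
    ecb: blocks(encrypt('aes-128-ecb', key, null, pt)),
    cbc: blocks(encrypt('aes-128-cbc', key, crypto.randomBytes(16), pt)),
  };
}
console.log(demo());
```

The fourth block in each list is the PKCS#7 padding block, which is why the ECB output has three equal blocks followed by one different block.
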
4

Looking at the link you included, it says it will accept a number of different modes, including CBC. Unless you have a specific reason not to use it, then use AES-128-CBC. CBC mode is a good general-purpose mode. You will also need to understand the use of padding (use PKCS#5 or PKCS#7, whatever one your system allows) and an Initialisation Vector, IV, in order for CBC mode to work correctly.

Do not use ECB mode, since it is insecure and leaks information.

rossum
1

Here aes-128-cbc and aes-128. aes stands for advanced encryption service, 128 is the bit rate, and CBC is the mode of encryption.

However, this is recited and used only in OpenSSL formats. Prior to OpenSSL, PHP used mcrypt_encrypt which was not properly designed (older versions of PHP). aes-128 can also be referred to as rijndael while using mcrypt.

Bryan