Are AES keys just random bytes of a specific length or is there some sort of extra checks?

Question

Since I want to scale up a simple website but I just need a simple encryption done through environment variables rather than setting up a Redis to hold the key.

I'm looking at this Converting Secret Key into a String and Vice Versa to do the retrieval.

I know I can export the string but I was wondering if any arbitrary bytes can be used so long as it meets the length requirement.

AES keys, and most other symmetric algorithms, **yes**, with the length(s) depending on the algorithm. Technically DES and DESede (aka triple-DES, 3DES, etc) _should_ have parity but practically all implementations today, including Java crypto, ignore it. Asymmetric algorithms (with interfaces `PrivateKey PublicKey KeyPair`) no. — dave_thompson_085, Nov 02 '22 at 18:50

score 3 · Accepted Answer · answered Nov 02 '22 at 19:00

3

An AES key is a sequence of 16, 24, or 32 bytes chosen by a cryptographically secure random number generator. There are no checks other than the length.

answered Nov 02 '22 at 19:00

erickson

265,237
58
395
493

Are AES keys just random bytes of a specific length or is there some sort of extra checks?

1 Answers1