36

I am currently using AES/CBC/PKCS5Padding for encrypting files in Java with 256 bytes key size, but while searching I found on stackexchange PKCS#5-PKCS#7 Padding and it is mentioned,

PKCS#5 padding is a subset of PKCS#7 padding for 8 byte block sizes

So I want to know

  1. Will the performance of AES/CBC/PKCS7Padding will be better then AES/CBC/PKCS5Padding for the above configuration?
  2. How can we configure the block size in Java as it is mentioned

    PKCS#7 padding would work for any block size from 1 to 255 bytes.

My sample code is,

SecureRandom rnd = new SecureRandom();
IvParameterSpec iv = new IvParameterSpec(rnd.generateSeed(16));

KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(256);
SecretKey k = generator.generateKey();

Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, k, iv);
Community
  • 1
  • 1
Deepak Bhatia
  • 6,230
  • 2
  • 24
  • 58

1 Answers1

55

The block size is a property of the used cipher algorithm. For AES it is always 16 bytes.

So strictly speaking, PKCS5Padding cannot be used with AES since it is defined only for a block size of 8 bytes. I assume, AES/CBC/PKCS5Padding is interpreted as AES/CBC/PKCS7Padding internally.

The only difference between these padding schemes is that PKCS7Padding has the block size as a parameter, while for PKCS5Padding it is fixed at 8 bytes. When the Block size is 8 bytes they do exactly the same.

Henry
  • 42,982
  • 7
  • 68
  • 84
  • 2
    will it make any difference if I use `AES/CBC/PKCS7Padding` instead of `AES/CBC/PKCS5Padding` – Deepak Bhatia Dec 25 '13 at 07:28
  • 2
    @dbw I don't think so. But to be sure, check the documentation. – Henry Dec 25 '13 at 07:33
  • 1
    but I don't think so that `AES/CBC/PKCS5Padding` is interpreted as `AES/CBC/PKCS7Padding` as if I read [Cipher](http://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html) it is mentioned `AES/CBC/PKCS5Padding (128)` so this must be having some mechanism defined – Deepak Bhatia Dec 25 '13 at 09:03
  • 2
    @dbw Interestingly, the standard names document talks only about `PKCS5Padding`. Seems to be a historical mistake since this was correct in `DES` times. In fact the two padding algorithms are identical, the only difference is that PKCS7 has the block length as a parameter while for PKCS5 it is fixed at 8 bytes. – Henry Dec 25 '13 at 09:13
  • 36
    PKCS5Padding is interpreted as a synonym for PKCS7Padding in the cipher specification. It is simply a historical artifact, and rather than change it Sun decided to simply pretend the PKCS5Padding means the same as PKCS7Padding when applied to block ciphers with a blocksize greater than 8 bytes. – President James K. Polk Dec 25 '13 at 18:21
  • @Henry any help on a similar [problem](http://stackoverflow.com/questions/27921093/rewrite-php-rijndael-algorithm-to-java-android)? – olleh Jan 14 '15 at 02:42