Im implementing the algorithm AES in my mobile app with a 128 bit key, now im wondering how to actually test if the encryption works and how secure is it, is there a way that i can simulate an attack to my application (maybe a free software)? so i can see if its secure enough.
Asked
Active
Viewed 172 times
0
-
"128 bytes key" you mean 128 **Bit** "test if the encryption works" implement a unit test "simulate an attack to my application" If you use a common lib which is under heavy testing, you don't need to try to break it. – hdev Sep 13 '16 at 12:52
-
"how secure is it" implement your encryption in a 'best practise' way to ensure best secruity – hdev Sep 13 '16 at 13:00
-
i need actual proof to show that the algorithm is working (i insert the ciphertext in the db), could you tell me with unit test i need to implement? or how to simmulate a brute force attack? – Fernando Ojeda Sep 13 '16 at 13:11
-
1@FernandoOjeda It doesn't make sense to simulate a brute force attack. You can either try such an attack or not. With AES, it doesn't make sense to even try one. If you actually implemented the **AES** block cipher, then you can use test vectors to verify that it works correctly. You can even submit your code to a lab in order to get a FIPS certification, but it will be expensive. Why don't you just use existing implementations? Note that brute forcing the key is not a useful tool for cryptanalysis. – Artjom B. Sep 13 '16 at 18:18