11

From what I understand after testing the Crypto-JS file here:

http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js

AES creates encrypted strings that contained letters, both capitalized and lowercase, as well as numbers, division characters, addition characters and equal sign characters.

Do AES encryption strings only contain the characters mentioned above, or can they contain any character from UTF-8?

Thanks in advance. I know this question might seem a bit dumb, but I haven't been able to find the answer after online research.

Howard Butler
  • 139
  • 1
  • 1
  • 4

2 Answers2

16

AES does not operate on or produce characters — it has no knowledge or care of any particular character encoding. AES and other modern block ciphers accept and output arrays of bytes. The same concept applies to the key, and (in block modes that require one), the initialization vector.

How (and if) you choose to encode the output is up to you. For storing in a file or database, there is typically no need to encode the output – byte buffers work just fine. For showing the result to a user, things like hex-encoding are frequently used. For transport mediums that require only 7-bit clean ASCII, you can encode with Base64.

That said, CryptoJS appears to automatically encode outputs with Base64. I question the wisdom of this as a default (along with several others made by the CryptoJS authors), but that's the situation as it stands.

Stephen Touset
  • 11,002
  • 1
  • 38
  • 53
11

AES is a block cipher that operates on 128 bit blocks and for any messages (plaintexts) of other size than 128 bit one uses AES in some mode of operation, e.g., CBC considering the message as a sequence of 128 bit blocks (plus padding if required) or modes like CTR to turn AES into a stream cipher.

Anyways, the ciphertext which is output by AES when used with a particular mode of operation is a bitstring (sequence of bytes) of some size (size of the input message plus padding if necessary) and has as it is nothing to do with any character in any encoding.

How you display/store/transmit the ciphertext (the bitstring/sequence of bytes) and thus the set of possible characters that are used therefore depends on the character encoding that is used, e.g., utf 8.

For any given message (bitstring), the ciphertext produced by AES can be any possible bitstring, i.e., all bit patterns of the size of the ciphertext are possible. For instance, let us for simplicity assume the message to be 128 bit and let it be $0^{128}$, then the ciphertext can be any element of $\{0,1\}^{128}$. Consequently, when using a character encoding for the ciphertext, any character (bit pattern) supported by the chosen character encoding may appear somewhere in an AES ciphertext.

In you case, the ciphertext is BASE64 encoded and thus you observe exactly this set of characters when displaying the ciphertext. This particular encoding is a usual choice, since you do not run into encoding issues when dealing with on/transmitting ciphertexts between different platforms/systems.

DrLecter
  • 12,547
  • 3
  • 43
  • 61
  • 4
    Does the downvoter care to comment? $;$ –  Dec 28 '13 at 01:23
  • 1
    I didn't downvote, but I will say the other answer here is better. The output of AES's encryption step has no encoding, and is just a sequence of bits. To display these safely in some encoding, eg. for transmission in email, they must be encoded using something like BASE64 as you mention. But it seems like you're saying AES outputs some mythical "any encoding." – Michael Graff Dec 28 '13 at 19:34
  • 3
    I was the downvoter. My apologies; I should have commented. As @MichaelGraff argued, this answer does not clearly point out that AES cares only about bit strings (as opposed to characters). The answer is sort of there ("your ciphertext is a bitstring..."), but is confused by "any character of any character encoding is possible...", which obfuscates the true nature of AES inputs and outputs. AES operates on bytes, plain and simple. How to (or even whether or not to) encode them is a completely orthogonal concern. – Stephen Touset Dec 28 '13 at 19:55
  • I assumed that no one would assume that I mean any "mythical/magical" being involved. However, I edited the answer to make that hopefully more explicit. @StephenTouset you can at any time feel free to add comments/propose edits if you think that the answer is not clear enough ;) – DrLecter Dec 28 '13 at 20:18
  • I suggest stating explicitly that AES itself is not used for encryption except for a sole case where the input is a 128-bit string. In all other situations a mode of operation is used, and the exact form of output (bytes or bits or blocks) depends on a particular mode. – Dmitry Khovratovich Dec 29 '13 at 20:07
  • @DmitryKhovratovich I edited the answer to make that more explicit and hope this is ok now. – DrLecter Dec 29 '13 at 20:57