For ECB, CBC, and CFB, padding is required when the plaintext does not fill out a complete multiple of the block size. However, I have heard that is good practice to pad all messages, even if the plaintext does fill out a complete multiple of the block size. What benefit does doing such a thing have? Does it increase security in any way?
Asked
Active
Viewed 58 times
1
-
1Where did you hear this? In some cases there may be a minor benefit to hiding some information about a message's length, you may be misinterpreting what you've read: If you want to allow messages that aren't a multiple of the block size, then padding is required even for a message that is a multiple of the block size. Otherwise, how can you tell a padded message apart from a plaintext that happens to end in a sequence of bytes that is also valid padding? – Seth Mar 22 '16 at 05:17
-
2CFB doesn't require padding. – CodesInChaos Mar 22 '16 at 10:04
-
3Related question: Why can the last block contain a full block of padding in CBC Encryption? – CodesInChaos Mar 22 '16 at 10:14
-
@CodesInChaos, while theoretically CFB does not require padding, NIST requires that you use padding with it... Anyway, I think this is simply dupe of the question you linked. – otus Jun 22 '16 at 07:01