Questions tagged [padding]

Padding has two primary uses in cryptography, ensuring messages are the proper length necessary for certain ciphers (e.g., block ciphers) or to provide assurances not built into the core cipher (e.g., semantic security)

Padding has two primary uses in cryptography, one for symmetric-key cryptography and one for public-key cryptography. In block ciphers, a kind of symmetric-key algorithm, messages must be the length of the block length (or a multiple of the block length if using a cryptographic mode of operation). Thus, padding is added to a message to ensure this property. In public-key cryptography, padding is used to enhance an algorithm's resistance to certain attacks. For example, padding used in RSA makes RSA semantically secure.

316 questions

votes

1 answer

Why was ISO10126 Padding Withdrawn?

Wikipedia mentions ISO10126 Padding has been withdrawn, but doesn't say why. Also there were no news reports about this, as far as I can see. Why was it withdrawn? Are there security flaws? Is there maybe a new version?

padding

asked Feb 24 '12 at 20:42

Dexter

votes

1 answer

What encryption schemes to hide the plaintext length exist besides padding?

From this answers comments a statement came up about padding that I don't understand: "If we need to keep the length of the plaintext confidential to some degree, there are better methods." Are there any methods of hiding the plaintext length…

padding

asked Oct 09 '17 at 12:54

daniel

votes

1 answer

Why are hashes padded only at the end of the block?

Cryptographic hash functions pad the input message with some indicator of length. This is done as to avoid attacks and allows an input message of 0000 to be differentiated from 00000. As far as I can see, padding /length inclusion invariably…

padding

asked Aug 18 '16 at 00:52

Paul Uszak

15,390
2
28
77

votes

2 answers

How to pad messages with large amount of padding

I'm playing around with an application for secure email-like communication and I want to perform length hiding padding on the plaintext messages so they always have a consistent size before encrypting with AES. I would like to do PKCS7 style padding…

padding

asked Jun 21 '13 at 19:20

Keke Alho

votes

1 answer

What prevents a padding standard to cause a data loss?

In here different byte padding standards are listed as ANSI X.923, ISO 101.26, PKCS7, ISO/IEC 7816-4 and zero padding. All of them seems to apply padding to the last byte blocks. Odds are rare but what happens if the actual data is an integer…

padding

asked Mar 17 '14 at 13:19

user12556

votes

1 answer

Padding always the same, problem or not?

I need to transmit long encrypted messages to a smartcard over a limited capacity link so I need to fragment the messages somewhere before sending thzm. My problem is that I split the message into 64-byte blocks and then apply a pkcs7 padding. The…

padding

asked Feb 26 '13 at 09:45

Romain

vote

1 answer

Security of PKCS7 padding

I just designed my own padding function and came up with a potential problem that could harm the security of encryption. After I fixed that flaw, I found out that the PKCS7 standard padding should be also vulnerable to a known-plaintext attack.…

padding

asked Feb 02 '22 at 22:47

Luqus

vote

1 answer

Cryptopals challenge - not understanding the padding details

I am working on some tasks in Crypto, specifically on this small task: https://cryptopals.com/sets/2/challenges/9, which I aim to implement in Python. The point is to add padding for a certain number of bytes, and the value of each byte is the…

padding

asked Aug 01 '18 at 18:58

BenM

vote

1 answer

What's the generally accepted way of padding more than 255 bytes?

There are plenty of popular padding schemes in use today. ANSI X.923 and PKCS#7 come to mind. However, all of them work on single bytes at a time. This is hardly surprising: padding for cryptographic purposes is usually just to 16 bytes and a single…

padding

asked Jan 11 '17 at 21:46

Awn

1,552
1
13
18

vote

1 answer

How is the usual way of using PKCS5/7 when a weird data is given?

PKCS5/7 pads the remaining data elements with a binary representation of how many space requires padding. This is useful and compact but what should I do in the following sample scenario below ? Example: Use case scenario is to use AES or any fixed…

padding

asked Feb 18 '16 at 12:52

thotheolh

vote

1 answer

PKCS5 having no padding?

I am using the javax.crypto.Cipher in Java to do AES/CBC/PKCS5Padding encryption. What I am observing is that, if you try to encrypt a Plaintext with no padding, PKCS5 adds another entire block just to padding. For example, if I got a 32bytes…

padding

asked Oct 09 '15 at 09:37

user28238

votes

0 answers

How can you tell if padding was used?

Let's say you have an encryption algorithm that uses PKCS5 padding. You input 'secret message', which is 14 characters long, but for some reason or another the algorithm needs it to be 16 characters long. So you add on two bytes that are equal to 2…

padding

asked Feb 09 '21 at 21:28

Guest

votes

0 answers

In HMAC-MD5 Implementation, why "i_key_pad" and "o_key_pad" if They Are Public and Constant?

Please Consider: English is My Second Language This Wikipedia article on HMACs shows a part of a HMAC-MD5 implementation making use of i_key_pad and o_key_pad: # [...] def hmac_md5(key, msg): if len(key) > blocksize: key =…

padding

asked Aug 30 '15 at 21:29

Cyan