When you use openssl enc, you need to select a mode of operation in addition to the key size, e.g. (If your data doesn't consist of exactly 128 bits, you need to apply a mode of operation around AES. Each of these functions takes an $n$-bit key (where $n$ is 128, 192 or 256 depending on whether the function is AES-128, AES-192 or AES-256) as well as a 128-bit block as parameters, and returns a 128-bit block. Is AES-256 a post-quantum secure cipher or not?ĪES is a family of three pairs of functions that use essentially the same mechanisms with different tuning parameters: AES-128 encryption and decryption, AES-192 encryption and decryption, and AES-256 encryption and decryption.What is the effect of the different AES key lengths?.What are the practical difference between 256-bit, 192-bit, and 128-bit AES encryption?.Anyway, if you are interested in the practical differences in AES-128, AES-192, and AES-256, there are several good questions on this site with good answers: Just remember that AES was designed as a block cipher, so the whole passphrase business is really separate from it. And, like your question implies, if the adversary knows your file is encrypted with a passphrase, it makes using a larger key sort of moot. So, if possible, I would very highly recommend you generate a real key instead of using a passphrase. The default hash function used in it is MD5, and it only uses just a few rounds by default. OpenSSL does use a salt by default, which improves things, but the algorithm it uses is "somewhat" questionable. Typically, I would recommend against using passphrases for encryption, as they are notoriously low-entropy and vulnerable to simple guessing.
So, the fact that OpenSSL lets you use a passphrase is entirely unrelated to AES. But in general, you probably want one of the authenticated modes (AEAD), like GCM, OCB, EAX, or CCM.
I'd recommend, for non-authenticated schemes, either CTR or CBC, not ECB. In fact, "AES" itself can't encrypt more than one block of data to do that, you need to use a block cipher mode of operation. As I said, it is a cryptographic primitive, meaning it is meant to be used in a larger system (usually). How you get those keys is beyond the purview of AES, which is concerned only with encryption.
The three standard key sizes are 128 bit, 192 bit, and 256 bit. It has no involvement with key derivation or anything of that nature. AES is a block cipher, a cryptographic primitive.
0 kommentar(er)
