[Mono-list] AES/CFB Stream Cipher Problem

Sebastien Pouliot sebastien.pouliot at gmail.com
Sun Jan 6 17:02:42 UTC 2013 

You're right that saying AES is confusing (I asked stopping doing so
on the bug report) but for the wrong reasons ;-)

AES is a subset of Rijndael (fixed block size). FWIW even
RijndaelManaged is a subset of the "real" Rijndael algorithm - but
that's all beside the point.

The real issue is with CFB and the facts that:

* RijndaelManaged CFB is not compatible with AesCryptoServiceProvider
CFB [1] (or with any other CFB implementation in the .NET BCL);

* AesManaged does not support CFB at all [2] (likely not to add
further confusion about it);

So switching to Aes[CryptoServiceProvider|Managed] is not an option
for Drew since he must interoperate with server-side code using the
RijndaelManaged/CFB implementation.

Sebastien

[1] http://blogs.msdn.com/b/shawnfa/archive/2006/10/09/the-differences-between-rijndael-and-aes.aspx
[2] http://blogs.msdn.com/b/shawnfa/archive/2007/01/17/new-crypto-algorithms-in-orcas.aspx

On Sun, Jan 6, 2013 at 11:27 AM, edward.harvey.mono
<edward.harvey.mono at clevertrove.com> wrote:
>> From: mono-list-bounces at lists.ximian.com [mailto:mono-list-
>> bounces at lists.ximian.com] On Behalf Of Drew DeVault
>>
>> The
>> problem comes
>> from using a CryptoStream with a RijndaelManaged cipher.
>
> This might be unrelated, but your subject says AES, and your message body says RijndaelManaged.  AES is based on Rijndael, but AES is not Rijndael.
>
> Most likely you should use AesCryptoServiceProvider or AesManaged instead.  The main difference is that AesCryptoServiceProvider takes more time to startup, but it's faster once it's started.  So you use AesManaged for small blocks of data (a few AES blocks worth) and use AesCryptoServiceProvider for everything else.  Also, supposedly AesCryptoServiceProvider isn't necessarily cross-platform compatible, but I have yet to find the platform that doesn't support it.
>
> The Rijndael classes are mostly provided for historic, legacy, and academic purposes nowadays.
>
> _______________________________________________
> Mono-list maillist  -  Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list

More information about the Mono-list mailing list