Its Tls 1.2 Padding required when message ist multiple of block length?

atcheckmate

5/5/24, 1:26 PM

When I want to encrypt a 16 byte long message with AES-128-CBC using int TLS 1.2 do I need to add a 16 byte block of padding or can I just encrypt the message without padding ?

1 + 0

padding

Score:0

Crypto

poncho

5/5/24, 1:34 PM

When I want to encrypt a 16 byte long message with AES-128-CBC using int TLS 1.2 do I need to add a 16 byte block of padding or can I just encrypt the message without padding ?

You always need to add padding. If you didn't, then the decryptor would be unable to distinguish between "this message was padded" and "this message wasn't padded, but happened to have data at the end that looks like padding".

So, if the data happens to be a multiple of 16 bytes long, you add a full 16 bytes of padding.

Also, in TLS 1.2 and CBC mode, you usually add the HMAC to the plaintext before encryption (hence in addition to your 16 bytes of data, there will be some additional bytes from the HMAC that will also be encrypted). There is a negotiated extension to add the HMAC after the ciphertext instead ("Encrypt-then-MAC"); I don't believe it is in common use.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Its Tls 1.2 Padding required when message ist multiple of block length?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.