Jump to content
Jacek Laskowski

AES and different result length

Recommended Posts

I am testing the DEC library and the AES algorithm (Rijndael).
To check the correctness of the result I use other sources of ciphertext. And I encountered a small problem.
I used two online generators and wrote a script in Python, but the results (ciphertext) has different length in each of them:



#domain tools


The common part agrees, but what are the extra bytes?




#domain tools:



Python script:

import pyaes, binascii
key = b'01234567012345670123456701234567'
plaintext = 'Some short description with looooooooong additional data like polish diacritical chars... łóżźćęół and digits 0123456789'
encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(key))
ciphertext = encrypter.feed(plaintext.encode('utf-8'))
print('Encrypted:', binascii.hexlify(ciphertext).upper())


Initialization vector is set to 16 zeroes.

Share this post

Link to post

Would be interesting to check if the decrypting functions of each library is able to decrypt encrypted values generated by other libraries.

Share this post

Link to post
3 hours ago, Jacek Laskowski said:

I used two online generators and wrote a script in Python, but the results (ciphertext) has different length in each of them:

First lets see if we can find which one is right in length and which is wrong

S o m e   s h o r t   d e s c r i p t i o n   w i t h   l o o o o o o o o o n g   a d d i t i o n a l   d a t a   l i k e   p o l i s h   d i a c r i t i c a l   c h a r s . . .   ł ó ż ź ć ę ó ł   a n d   d i g i t s   0 1 2 3 4 5 6 7 8 9

As you can see the third one is shorter that the plaintext means its been truncated and data been lost, this is wrong and will not restore the data in full.

the second one is the right, the length is longer than the plaintext length but fit the block length for AES, this is right, but this will raise a question about what padding been used ?!!

the first one is the longer and does have one extra full block, should means a padding scheme been used for sure.


Now i explained what is going on with length, the question is this

What padding are you using? 


Also, googling pyaes, i landed here https://github.com/ricmoo/pyaes/blob/master/README.md and i would suggest that you read it carefully and try to understand the padding usage and its importance.

Share this post

Link to post

Yes, you're right... it's about the padding. I didn't specify it explicitly and the default was used, hence there is a difference in the two libraries. Thanks!

Share this post

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now