Verify / IV key before decrypting with AesManaged? or to avoid CryptographicException before it is thrown?

Question

Verify / IV key before decrypting with AesManaged? or to avoid CryptographicException before it is thrown?

I wrote a couple of AES encryption / decryption functions based on this.

It works fine until I pass the wrong key or IV to my decryption function, at which point I get "The padding is invalid and cannot be removed." CryptographicException that others have mentioned.

My question is, is there a way to check the / IV switch before an exception is thrown? Maybe some kind of checksum? Or is the answer to this exception?

+3

.net exception encryption aes

Walter stabosz Mar 30 12 at 18:33

source to share

2 answers

The only thing that might be invalid with encrypted data is that it might have the wrong length (pigeonhole only). Some padding schemes require the data to be a multiple of the block size. Other padding schemes do not have this limitation.

0

usr Mar 30 12 at 20:59

source to share

Maarten bodewes · Accepted Answer · 2012-03-30T23:48:12+0000

The answer is just to catch the exception yes. The IV is usually sent with an encrypted message, so there is no point in checking it separately. Regarding the key, the usual way to check the value of the key is to use KCV (Key Validation Value):

Please check the Poncho question about my question here:

https://crypto.stackexchange.com/questions/1930/sending-kcv-key-check-value-with-cipher-text

Basically it doesn't seem to be worth it. Of course, your movement can change. On the other hand, adding some sort of authentication to your encrypted message always makes a lot of sense, but it still won't tell you if the data is corrupted or changed, or if you have the wrong key ...

Verify / IV key before decrypting with AesManaged? or to avoid CryptographicException before it is thrown?

More articles: