AES-256 Encryption
Posted: Tue Mar 24, 2009 1:13 am
This question is specific to the AES-256 encryption algorythm.
I have a need to validate that an encryption key used to generate an AES cipher is correct, without having access to the encryption key nor the unencrypted data.
In other words I have an encrypted string. I then enter the encryption key. I need to know if the key is the same key used to generate the encrypted string.
I am considering prepending a string to the front of the data before it is encrypted. I can then test for the existence of that string when I decrypt the data.
My questions is this: If an attacker knows the value of the first n characters of an encrypted string [AES-256], does this in any way weaken the security of the encryption? If so, what attack method would this be called? Do you have any reference sites that discuss this?
I am open to alternative methods of verifing the decryption key, if anyone has any ideas.
I have a need to validate that an encryption key used to generate an AES cipher is correct, without having access to the encryption key nor the unencrypted data.
In other words I have an encrypted string. I then enter the encryption key. I need to know if the key is the same key used to generate the encrypted string.
I am considering prepending a string to the front of the data before it is encrypted. I can then test for the existence of that string when I decrypt the data.
My questions is this: If an attacker knows the value of the first n characters of an encrypted string [AES-256], does this in any way weaken the security of the encryption? If so, what attack method would this be called? Do you have any reference sites that discuss this?
I am open to alternative methods of verifing the decryption key, if anyone has any ideas.