
From "What is the difference between PKCS#5 padding and PKCS#7 padding", I understand that PKCS#5 is defined for 8-byte block sizes. Does this rule it out as a padding option for AES, since AES has a 16-byte block size? I have seen some conflicting usages and would like to get a definitive answer.

bobby

1 Answer


PKCS5 padding is a narrowly defined subset of PKCS7 as per its specification.
PKCS7 padding is identical to PKCS5 when applied to an 8-byte block only.

The PKCS5 specification is actually defined only for DES, not 64-bit block ciphers in general.

However, PKCS5 by specification MUST create an invalid padding string when applied to a block size that is longer than 8 bytes, and where more than 8 bytes of padding are needed, since it explicitly defines the value 8 for the block size and divisor in bytes. If 9 bytes of padding are required, PKCS5 will create only 1 byte of padding with a value of 0x01.

That being said, I would suspect most in-the-wild implementations of PKCS5 padding actually use the block size of the cipher used rather than the predefined value, and it is certainly possible that application of padding will not cause an error. This is not hard to test.

So yes, it does rule out PKCS5 as a padding option for AES, or for any block cipher with a non-64-bit block (and technically for anything not DES or 3DES), but may sometimes work anyway.

Richie Frame
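The test the answer mentions, written out as an added example (not part of the original answer): PKCS#5 padding with the divisor fixed at 8, compared against PKCS#7 padding for a 16-byte block, plus a strict unpad check. The function names are hypothetical and the sample messages are constructed.

```python
def pkcs7_pad(data: bytes, block_size: int) -> bytes:
    """PKCS#7 padding: append n bytes of value n, n = 1..block_size."""
    if not 1 <= block_size <= 255:
        raise ValueError("block size must be 1..255")
    n = block_size - (len(data) % block_size)
    return data + bytes([n]) * n


def pkcs5_pad_literal(data: bytes) -> bytes:
    """PKCS#5 padding read literally: the divisor is always 8."""
    return pkcs7_pad(data, 8)


def pkcs7_unpad(padded: bytes, block_size: int) -> bytes:
    """Strict unpad: reject anything that is not valid for block_size."""
    if not padded or len(padded) % block_size:
        raise ValueError("length is not a multiple of the block size")
    n = padded[-1]
    if not 1 <= n <= block_size or padded[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return padded[:-n]


def compare(msg_len: int, block_size: int = 16):
    """Return (agrees, pkcs5_len, pkcs7_len) for a message of msg_len bytes."""
    msg = b"A" * msg_len  # constructed sample input
    p5 = pkcs5_pad_literal(msg)
    p7 = pkcs7_pad(msg, block_size)
    return p5 == p7, len(p5), len(p7)


if __name__ == "__main__":
    # Walk every message length within one 16-byte block plus the full block.
    for n in range(0, 17):
        agrees, l5, l7 = compare(n)
        print(f"msg={n:2d}  pkcs5(8)->{l5:2d}  pkcs7(16)->{l7:2d}  "
              f"{'same' if agrees else 'DIFFERENT'}")
```

The two outputs agree only when the 16-byte block needs 8 or fewer bytes of padding, which is why code labelled "PKCS5" can appear to work with AES on some inputs.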