AES-CBC, Advanced Encryption Standard - Cipher Block Chaining, a classic block cipher mode. Each block is encrypted depending on the encrypted state of the previous block.
Technical Specifications
- Key Length:
- 128, 192, or 256 bit
- Block Size:
- 128 bit (16 byte)
- IV (Initialization Vector) Length:
- 128 bit (16 byte) - Same as block size
- Padding:
- Requires PKCS#7 padding
- Security Level:
- High, but not authenticated encryption
Usage Areas
- File encryption (disk encryption)
- Old TLS versions (TLS 1.0, 1.1 - no longer used)
- Legacy systems and protocols
- IPSec (some configurations)
Features
- Cipher Block Chaining: Each block depends on the previous block
- IV (Initialization Vector) must be random for each encryption
- Same IV should not be reused (security vulnerability)
- Does not support parallel processing (requires sequential processing)
Standards and References
- NIST Special Publication 800-38A
- ISO/IEC 10116
⚠️ Important Warnings
- Does not provide authenticated encryption - should be used with a MAC like HMAC
- Vulnerable to padding oracle attacks - correct implementation is critical
- IV uniqueness is mandatory - must use a unique IV for each encryption (never reuse)
- IV correctness is critical - IV must be random and unpredictable (do not use fixed or sequential values)
- Never use IV with a fixed value or previous IV
- Modern applications should prefer authenticated encryption modes like AES-GCM
- TLS 1.2 and above generally use AES-GCM