When would I choose AesCryptoServiceProvider over AesManaged or RijndaelManaged?

.net aes rijndaelmanaged
Cheeso picture Cheeso · Aug 4, 2009 · Viewed 8k times · Source

I think the distinguishing factors are

  • AesCryptoServiceProvider is FIPS compliant
  • AesManaged is cross-platform, requires .NET 3.0
  • RijndaelManaged runs on .NET 2.0, requires restricting the blocksize

is that about right?

Answer

PaulG picture PaulG · Aug 4, 2009

AesManaged documentation states that

"The AES algorithm is essentially the Rijndael symmetric algorithm with a fixed block size and iteration count. This class functions the same way as the RijndaelManaged class but limits blocks to 128 bits and does not allow feedback modes."

That would suggest its using ECB (Electronic Codebook) mode. This can be a significant weakness to the encrypted data as it means identical blocks of plain text data will result in identical blocks of cipher output.

Edit: (As correction)
Documentation for the Mode property indicates that Mode infact defaults to CBC (which confusingly IS a feedback mode) but cannot be set to CFB or OFB (Cipher Feedback / Output Feedback)

Related questions

RijndaelManaged "Padding is invalid and cannot be removed" that only occurs when decrypting in production

I know other questions have been asked on this but none so far have provided a solution or are exactly the issue I have. The class below handles the encryption and decryption of strings, the key and vector passed in …

Read More
Getting SlowAES and RijndaelManaged class in .NET to play together

I'm trying to setup AES encryption / decryption using the javascript library SlowAES and the RijndaelManaged class in .NET. I chose this method after reading this post, where Cheeso has managed to get these two encryption methods to play together "In …

Read More
OpenSSL encryption using .NET classes

I'm looking to create a class that uses the .NET libraries that is compatible with OpenSSL. I'm aware there is an OpenSSL.Net wrapper, but I would prefer to avoid referencing 3rd party\unmanaged code. I'm not looking for a …

Read More