algorithm - Is the RijndaelManaged Class in C# equivalent to AES encryption?
I am asking this question to confirm whether the RijndaelManaged class in C# is equivalent to AES encryption. From what I have been reading, RijndaelManaged was the algorithm of choice to implement AES encyrption. Can someone confirm this please?
Is RijndaelManaged algorithm safe to be used for a web project? Thanks :)
Answer
The AES algorithm was selected in a competition held by NIST between 1997 and 2000. The winner was an algorithm called Rijndael.
NIST specified that the AES algorithm was to have a 128-bit block size. As Rijndael supports block sizes of 128, 160, 192, 224, and 256 bits, the final AES specification differs from the original Rijndael specification in that regard. In other words, "AES" and "Rijndael" are the same algorithm, except "AES" is restricted to a block size of 128 bits.
Block size has nothing to do with key size though. The algorithm in question supports 128, 192, and 256-bit keys. Longer keys are not necessarily "stronger", because AES has certain theoretical weaknesses. Either way, 128-bit keys are plenty long enough for the foreseeable future.
As EkoostikMartin said, AES is unbreakable to date. But cryptography is hard, and even professionals don't get it right every time. Using raw cryptographic primitives without knowing exactly what you're doing will likely result in something bad. To put it another way, the cipher is very rarely the weakest link in the "security chain".