I am currently using AES/CBC/PKCS5Padding
for encrypting files in Java with 256 bytes key size, but while searching I found on stackexchange PKCS#5-PKCS#7 Padding and it is mentioned,
PKCS#5 padding is a subset of PKCS#7 padding for 8 byte block sizes
So I want to know
AES/CBC/PKCS7Padding
will be better then AES/CBC/PKCS5Padding
for the above configuration?PKCS#7 padding would work for any block size from 1 to 255 bytes.
My sample code is,
SecureRandom rnd = new SecureRandom();
IvParameterSpec iv = new IvParameterSpec(rnd.generateSeed(16));
KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(256);
SecretKey k = generator.generateKey();
Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
c.init(Cipher.ENCRYPT_MODE, k, iv);
The block size is a property of the used cipher algorithm. For AES it is always 16 bytes.
So strictly speaking, PKCS5Padding cannot be used with AES since it is defined only for a block size of 8 bytes. I assume, AES/CBC/PKCS5Padding is interpreted as AES/CBC/PKCS7Padding internally.
The only difference between these padding schemes is that PKCS7Padding has the block size as a parameter, while for PKCS5Padding it is fixed at 8 bytes. When the Block size is 8 bytes they do exactly the same.