Is it safe to use cipher block sizing instead of padding?

Question

I'm using this kind of technique instead of padding of cipher buffer (here goes pseudo-code):

struct {
   int size;         //size of cipher buffer
   byte[32] vector; //random IV (block size is 256 bits)
   byte[] buffer;    //encrypted buffer
}

Cipher data encrypted using block cipher with CBC chaining using IV specified as vector

I'm storing this structure "as-is" and in order to decrypt it decrypting buffer block by block then just cutting buffer to size.

Question is: is it safe/secure? Any hints/criticizm?

score 3 · Accepted Answer · edited Apr 13 '17 at 12:48

3

Yes, this is fine.

There is a practical disadvantage in space used, if you don't otherwise need to store the size in plaintext. A size field will usually take 32 or 64 bits, whereas typical padding adds one byte on average. Also, if you use encrypt-then-MAC you need to include the length as part of the authenticated data.

edited Apr 13 '17 at 12:48

Community

1

answered Dec 25 '15 at 10:53

otus

32,462
5
75
167

score 1 · Answer 2 · answered Dec 25 '15 at 19:30

It is generally fine EXCEPT the fact, that you should not think that one replaces another : it's the BEST practice to use both, but using one of them is better than not using anything at all. They're helping each other in terms of securing, and they are different things.

Is it safe to use cipher block sizing instead of padding?

2 Answers2