prosyslab-classroom / cs348-information-security


[Question][Hw2] Padding scheme of CBC #252

Closed ICubE- closed 1 year ago

ICubE- commented 1 year ago

Name: Jeho Yeon

I have two questions about the padding scheme of CBC in Homework 2.

  1. What kind of padding scheme should I implement? Zero padding? Or something else?
  2. Mini-AES has a block size of 16 bits, which is a size of 2 characters. In the example, plaintext helloworld, which has 10 characters, is encrypted into ciphertext wk� ����3�wu, which has 12 characters. Why is the padding inserted? Since 10 is a multiple of 2, I think padding shouldn't be inserted.

KihongHeo commented 1 year ago

Hi.

Recall what we discussed in the last lecture.

bonjune commented 1 year ago

Think you are a receiver of the ciphertext. How could you tell if the last block is padded or not? What if the non-padded last block is accidentally the same as the padded block?

ICubE- commented 1 year ago

@KihongHeo @bonjune Now I see. I "must" insert padding while encrypting. Then, should I use PKCS5 padding, which we learned how to crack? The document says nothing about what scheme we should use.

KAIST-JongchanPark commented 1 year ago

The same one which we discussed.

Recall how the padding oracle attack could be introduced.

bonjune commented 1 year ago

Technically any padding scheme is possible. It's totally up to you if your scheme works for enc. dec. crack. But it would be easier to use a proven one :).

KihongHeo commented 1 year ago

As @bonjune said, you can do your best based on the knowledge you have learned in the class.

You are not my employee. There are no "must" things you have to implement here.

ICubE- commented 1 year ago

Thank you all for your answers! I thought that the scheme should be provided because there are expected values for enc.
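
The point raised in the thread (a receiver cannot tell whether the last block is padded unless padding is always added) can be checked with a short added example; it is not part of the original thread or the course's reference solution. It assumes PKCS#5/#7-style padding on the 2-byte Mini-AES block, and the function names and the sample messages other than `helloworld` are constructed for illustration.

```python
BLOCK = 2  # Mini-AES block size from the thread: 16 bits = 2 bytes


def pad_always(msg: bytes, block: int = BLOCK) -> bytes:
    """PKCS#5/#7-style: append n bytes of value n, with 1 <= n <= block.

    A message that already fills its last block gets one full extra block.
    """
    n = block - len(msg) % block
    return msg + bytes([n]) * n


def unpad_always(padded: bytes, block: int = BLOCK) -> bytes:
    """Inverse of pad_always; rejects malformed padding."""
    if not padded or len(padded) % block:
        raise ValueError("length is not a positive multiple of the block size")
    n = padded[-1]
    if not 1 <= n <= block or padded[-n:] != bytes([n]) * n:
        # A decryptor that lets the sender observe this failure separately
        # from other errors is the padding oracle mentioned in the thread.
        raise ValueError("invalid padding")
    return padded[:-n]


def pad_if_needed(msg: bytes, block: int = BLOCK) -> bytes:
    """Flawed variant: pad only when the length is not a multiple of block."""
    r = len(msg) % block
    return msg if r == 0 else msg + bytes([block - r]) * (block - r)


if __name__ == "__main__":
    # 10 bytes of plaintext become 12 bytes, as in the homework example.
    print(pad_always(b"helloworld"))

    # Constructed pair: two different plaintexts, one padded encoding.
    a, b = b"hi\x01", b"hi\x01\x01"
    print(pad_if_needed(a) == pad_if_needed(b))  # ambiguous for the receiver
    print(pad_always(a) == pad_always(b))        # unambiguous
```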