AES encryption using C# and decryption in Java

Question

I just want to confirm my understanding of how AES works.

If company#1 is encrypting the data, and sending this data to company#2 to decrypt, and let\'s presume that

Answer 1

There is a lot that both have to agree upon:

• shared secret key
  • How long is it? (Is key padding required?)
  • Is the actual key derived from another key or password with an additional salt?
    • Which key derivation function is used and what are their parameters? PBKDF2, bcrypt, scrypt, ...
    • Is the IV derived together with the key? (usually by requesting key size + IV size output from the key derivation function)
• cipher characteristics:
  • block cipher like AES, Triple DES, Twofish, Rijndael, ...
    • cipher parameters such as block size in case it is variable
  • mode of operation like CBC, CTR, CFB, ...
    • for IV-based modes: How is the IV generated? Is it generated randomly and put into the container format or is it derived together with the key from a password and therefore doesn't need to be put into the ciphertext container?
    • for nonce-based modes like CTR: How big is the nonce (sometimes referred to as IV)?
    • for parametrized modes like CFB: How big is a segment?
  • padding mode like PKCS#7 padding (which is also referred to as PKCS#5 padding), ZeroPadding, ...
• authentication (if any):
  • as mode of operation like GCM, EAX, SIV, ...
  • as separate encrypt-then-MAC/MAC-then-encrypt/encrypt-and-MAC scheme with a MAC like HMAC-SHA256, CMAC, HKDF, GHASH, ...
• encoding of each component like Hex, Base32, Base64 or simply binary (no encoding)
  • Is everything encoded together into a textual format from the finished binary format or are the components encoded separately and concatenated together?
• format:
  • Where to put IV/nonce/salt (if any)? (usually before the actual ciphertext)
  • Where to put authentication tag (if any)? (usually after the actual ciphertext)
  • Is Cryptographic Message Syntax applicable?