security - Transporting plain text and encrypted data together -
i have web service encrypts/decrypts data. there harm (from security standpoint) if service returns both plaintext , encrypted text part of response? trying find out if makes easier trying break scheme , steal key if able hold of plaintext , ciphertext together, opposed getting hold of encrypted data. algorighm used aes-256 encrypt data.
update: clarify, scenario more decryption(and not encryption). service needs take in list of encrypted strings , homecoming list of decrypted strings. create sure consumer able map decrypted values in response encrypted values, thinking of sending collection of ciphertext/plaintext pairs. know there other ways maintain mapping(for eg using sequence number), wondering if ciphertext/plaintext combination used figure out original key.
the short reply is, no, secure cipher not susceptible (referred "known-plaintext attack.")
from wikipedia article:
modern ciphers such advanced encryption standard not susceptible known-plaintext attacks.
i'm curious why want implement such thing, i'm sure have reasons. care share them?
security encryption
No comments:
Post a Comment