From my reading I am not sure if AES is a single, standardized algorithm that can work with different length keys, or a family of similar algorithms? What I mean is if I find any 2 AES implementations taking a 128-bit key, should I be confident they will work identically (barring bugs)?
Specifically in .Net/C#, I was confused why there are two implementations of abstract base class System.Security.Cryptography.Aes: System.Security.Cryptography.AesCryptoServiceProvider & System.Security.Cryptography.AesManaged.
Then there seems to be distinction/overlap between AES and Rijndael, .NET has Rijndael and RijndaelManaged classes, as well as RijndaelManagedTransform
What’s the differences between all of these? I notice AES classes seem to only exist since .NET 3.5 whereas Rijndael has been around since 1.0
Sorry if these are dumb questions, I’m new to crypto other than secure hashing functions.
AES, the Advanced Encryption Standard, defines in FIPS PUB 197 three symmetric block-ciphers: AES-128, AES-192 and AES-256. All three algorithms are defined by specific parameter-choices for the Rijndael algorithm.
AES-128-encryption is a function (key, data) -> (encryption).
Rijndael-encryption is a function (key, data, block-size, key-size) -> (encryption).
AesCryptoServiceProvideruses the underlying Windows CryptoAPI to perform the encryption.AesManagedperforms the encryption in pure managed code.RijndaelManagedsupports the full range of parameter-choices (also in pure managed code).Advantages to using
AesCryptoServiceProviderinclude potential for higher speed and the fact that CryptoAPI is FIPS certified (on certain versions of Windows).Advantages to
AesManagedinclude portability (AesCryptoServiceProvideris not supported on all versions of Windows).The only advantage to
RijndaelManagedis that it is supported in early versions of the .NET framework – I haven’t ever seen anyone use the non-AES parameter-choices.