1
votes

As far as I can tell, AWS KMS Data Keys are AES-GCM keys. (source: https://d0.awsstatic.com/whitepapers/KMS-Cryptographic-Details.pdf page 13)

Does that mean I must use AES-GCM to encrypt data with them, or will an AES-CBC algorithm work too? I am trying to use these KMS keys to encrypt data on iOS without including external dependencies.

I found CommonCrypto, and wrote some code that seems to work with the KMS data keys, but as far as I know CommonCrypto only supports AES-CBC.

I also can't seem to write working code in any language to then decrypt the cipher text generated. Is this because the output of my GCM key + CBC algorithm is garbage? Why doesn't my encryption code complain?

Also, is it possible to do AES-GCM encryption on iOS without CryptoKit?

1
Did you search some libraries? CryptoSwift - kelalaka
Yes that is on my radar. This question is mainly about whether GCM keys can be used with CBC. - Dan

1 Answer

1
votes

AES-GCM internally uses CTR mode, which turns a block cipher into a stream cipher and doesn't need padding. AES-GCM is an authenticated encryption mode which provides not only confidentiality but also integrity and authentication.

CBC mode, whereas, requires padding, and it is removed from TLS. It is outdated and highly problematic: BEAST, bit-flipping attacks, padding oracle attacks, etc.

Note: GCM is not perfect. GCM IV reuse can be catastrophic.

GCM and CBC are completely different encryption schemes. You cannot decrypt an AES-GCM encrypted ciphertext with AES-CBC, or vice versa. You can put any block cipher instead of AES in the previous sentence.

You have to stick to the same encryption algorithm and schemes.

As stated in the AWS documentation:

All symmetric key encrypt commands used within HSMs use the Advanced Encryption Standards (AES) [4], in Galois Counter Mode (GCM) [5] using 256-bit keys. The analogous calls to decrypt use the inverse function.

You have to use AES-GCM.
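
The mode mismatch described in this answer, shown with Node.js's built-in `crypto` module as an added example that is not part of the original question or answer: the same 32 key bytes are accepted by both AES-256-GCM and AES-256-CBC, but a GCM ciphertext only opens with GCM. The key is a random stand-in for a KMS data key, and the function names and the nonce || ciphertext || tag layout are assumptions of this example.

```javascript
// Added example, not code from the original post. Key and message are constructed.
const nodeCrypto = require('crypto');

// Stand-in for a 32-byte plaintext data key; random here, not a real KMS key.
const dataKey = nodeCrypto.randomBytes(32);

// AES-256-GCM encrypt. Output layout: nonce (12) || ciphertext || tag (16).
function gcmSeal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12); // fresh per message; never reuse with the same key
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, body, cipher.getAuthTag()]);
}

// AES-256-GCM decrypt; throws if the key, nonce, ciphertext or tag do not match.
function gcmOpen(key, sealed) {
  const nonce = sealed.subarray(0, 12);
  const tag = sealed.subarray(sealed.length - 16);
  const body = sealed.subarray(12, sealed.length - 16);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, nonce);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]);
}

// Feed the GCM ciphertext body to AES-256-CBC with the same key.
// Returns whatever bytes CBC produced, or null when CBC rejects the input.
function cbcOpenAttempt(key, sealed) {
  const iv = Buffer.concat([sealed.subarray(0, 12), Buffer.alloc(4)]); // CBC needs a 16-byte IV
  const body = sealed.subarray(12, sealed.length - 16);
  try {
    const decipher = nodeCrypto.createDecipheriv('aes-256-cbc', key, iv);
    return Buffer.concat([decipher.update(body), decipher.final()]);
  } catch (err) {
    return null; // wrong final block length or bad padding
  }
}

// True when GCM rejects a sealed message after one bit has been flipped.
function tamperIsDetected(key, sealed) {
  const copy = Buffer.from(sealed);
  copy[12] ^= 0x01;
  try { gcmOpen(key, copy); return false; } catch (err) { return true; }
}

const message = Buffer.from('hello from iOS', 'utf8');
const sealed = gcmSeal(dataKey, message);
console.log('GCM round trip:', gcmOpen(dataKey, sealed).toString('utf8'));
console.log('CBC on GCM ciphertext:', cbcOpenAttempt(dataKey, sealed));
console.log('tamper detected:', tamperIsDetected(dataKey, sealed));
```

The CBC attempt either fails outright or returns bytes unrelated to the plaintext, and neither CBC call rejects the key itself, since both modes take any 32-byte AES-256 key.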