Encryption (mode and padding)

Question

I was tasked with writing a small Java console application that involves encryption. I am not familiar with encryption, so I had to do some reading up first. So far the high

Answer 1

You do not want to be asking the users about padding or block mode. What I think that you need to do is:

Generate a random 256bit key (make sure you use a cryptographic library to do this, with good seeding)

Encrypt the file using AES256 with the key (DO NOT USE ECB, use CBC and possibly padding if you want to slightly conceal the exact length of the file)

Encrypt the key using RSA-2048 (here block mode from a security point of view is irrelevant because the key is smaller than one block, as is padding because the key is a known length. I would use ECB)

Your protocol gives no guarantees of who sent the file or integrity of the file. This is really important to think about, consider signing.

Unfortunately when implementing anything to do with crypto, you are extremely likely to get things wrong. Definitely use the Java libraries and if you can find higher level trusted libraries doing things closer to exactly what you want, consider using those.