
AES CBC vs GCM in Spring Boot: Which Mode Should You Choose?

Master Spring Ter
4 min read · Dec 29, 2024
for free reading -> https://erkanyasun.medium.com/aes-cbc-vs-gcm-in-spring-boot-which-mode-should-you-choose-1adb3de475ac?sk=a39c2504a0df4d1673633ea8dca06eb0

Encryption can be tricky in any Java-based application, including Spring Boot projects. If you’ve come across AES (Advanced Encryption Standard), you might be wondering about the difference between CBC (Cipher Block Chaining) and GCM (Galois/Counter Mode). Let’s do a quick overview, outline best practices, and highlight libraries you might use.

AES CBC (Cipher Block Chaining)

How it works

  • Data is split into fixed-size blocks.
  • Each plaintext block is XORed with the previous ciphertext block before it is encrypted, making each ciphertext block dependent on all previous blocks.
  • Requires an Initialization Vector (IV) to kick things off.
  • No built-in authentication — you often need an HMAC to ensure integrity.

Pros

  • Widely supported and historically used in many applications.
  • Straightforward to implement with standard Java libraries.

Cons

  • Vulnerable to padding oracle attacks if not used correctly (e.g., padding errors that are observable to the caller, or integrity checks that are missing or only partial).
  • Lacks built-in authentication; you need an additional HMAC or MAC for integrity checks.
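
As an added example (not the author's code), here is one way to pair CBC with an HMAC using only JDK classes, in encrypt-then-MAC order so the tag is verified before any padding is processed. The class name `CbcHmacExample`, the two separate 32-byte keys and the message layout are assumptions made for this illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;

// Added example (hypothetical class). Message layout: IV (16) || ciphertext || HMAC-SHA256 tag (32).
public final class CbcHmacExample {
    private static final int IV_LEN = 16, TAG_LEN = 32;
    private static final SecureRandom RNG = new SecureRandom();
    static byte[] encrypt(byte[] encKey, byte[] macKey, byte[] plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv); // fresh, unpredictable IV for every message
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encKey, "AES"), new IvParameterSpec(iv));
        byte[] ct = cipher.doFinal(plaintext);
        byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length + TAG_LEN);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        byte[] tag = hmac(macKey, out, IV_LEN + ct.length); // the MAC covers the IV and the ciphertext
        System.arraycopy(tag, 0, out, IV_LEN + ct.length, TAG_LEN);
        return out;
    }
    static byte[] decrypt(byte[] encKey, byte[] macKey, byte[] msg) throws GeneralSecurityException {
        int bodyLen = msg.length - TAG_LEN;
        if (bodyLen < 2 * IV_LEN) throw new GeneralSecurityException("invalid message");
        byte[] tag = Arrays.copyOfRange(msg, bodyLen, msg.length);
        // Verify the MAC in constant time before decrypting, so padding is never checked on forged input.
        if (!MessageDigest.isEqual(hmac(macKey, msg, bodyLen), tag)) throw new GeneralSecurityException("invalid message");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encKey, "AES"), new IvParameterSpec(msg, 0, IV_LEN));
        return cipher.doFinal(msg, IV_LEN, bodyLen - IV_LEN);
    }
    private static byte[] hmac(byte[] key, byte[] data, int len) throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(Arrays.copyOf(data, len)); // MAC over the first len bytes only
    }
    public static void main(String[] args) throws Exception {
        byte[] encKey = new byte[32], macKey = new byte[32]; // constructed demo keys, one per purpose
        RNG.nextBytes(encKey);
        RNG.nextBytes(macKey);
        byte[] msg = encrypt(encKey, macKey, "hello".getBytes(StandardCharsets.UTF_8));
        System.out.println(new String(decrypt(encKey, macKey, msg), StandardCharsets.UTF_8));
        msg[IV_LEN] ^= 1; // flip one ciphertext bit to simulate tampering
        try { decrypt(encKey, macKey, msg); } catch (GeneralSecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

Both failure paths in `decrypt` raise the same generic error, so a caller cannot tell a bad tag from a malformed message.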

AES GCM (Galois/Counter Mode)
