Default FeedbackSize value for instances created by TripleDES.Create changed
The default value for the SymmetricAlgorithm.FeedbackSize property on the TripleDES instance returned from TripleDES.Create() has changed from 64 to 8 to make migration from .NET Framework easier. This property, unless used directly in caller code, is used only when the Mode property is CipherMode.CFB.
Support for the CFB mode was first added to .NET for the 5.0 RC1 release, so only .NET 5 RC1 and .NET 5 RC2 applications should be impacted by this change.
Change description
In .NET Core and previous pre-release versions of .NET 5, TripleDES.Create().FeedbackSize
has a default value of 64. Starting in the RTM version of .NET 5, TripleDES.Create().FeedbackSize
has a default value of 8.
Reason for change
In .NET Framework, the TripleDES base class defaults the value of FeedbackSize to 64, but the TripleDESCryptoServiceProvider class overwrites the default to 8. When the FeedbackSize property was introduced to .NET Core in version 2.0, this same behavior was preserved. However, in .NET Framework, TripleDES.Create() returns an instance of TripleDESCryptoServiceProvider, so the default value from the algorithm factory is 8. For .NET Core and .NET 5+, the algorithm factory returns a non-public implementation, which, until now, had a default value of 64.
Changing the TripleDES implementation class' FeedbackSize value to 8 allows for applications written for .NET Framework that specified the cipher mode as CFB but didn't explicitly assign the FeedbackSize property, to continue to function on .NET 5.
Version introduced
5.0
Recommended action
Applications that encrypt or decrypt data in the RC1 or RC2 versions of .NET 5 do so with CFB64, when the following conditions are met:
- With a TripleDES instance from TripleDES.Create().
- Using the default value for FeedbackSize.
- With the Mode property set to CipherMode.CFB.
To maintain this behavior, assign the FeedbackSize property to 64
.
Not all TripleDES
implementations use the same default for FeedbackSize. We recommend that if you use the CFB cipher mode on TripleDES instances, you should always explicitly assign the FeedbackSize property value.
TripleDES cipher = TripleDES.Create();
cipher.Mode = CipherMode.CFB;
// Explicitly set the FeedbackSize for CFB to control between CFB8 and CFB64.
cipher.FeedbackSize = 8;