
Encrypting/decrypting large files with PyCrypto - strategies


I'm currently trying to learn some stuff about encryption, its algorithms and how it works in general. I was thinking about a way to go for encrypting large files, and the only way feasible to me seems to be using a symmetric key algorithm.

So I was looking at AES, and while passing 64k or 32k blocks of bytes to an AES object that you create using a hash of the password seems OK, I'm still curious as to the safest way to do this, as I keep reading that cryptography is very easy to mess up.

So I get a passphrase, I get its SHA256 checksum, and I use that for a key when creating my encrypt/decrypt object.

Other things I couldn't find an answer for: should I use an IV? If so, I have to make sure the object uses the same IV on decryption that it used on encryption... how do I do that?

Why did I see someone around here say that you should pad the last block of the file even if the number of bytes is divisible by 16?

What type of encryption mode should best be used?

Could you recommend any other resources to go about for learning more about security/cryptography?

Thank you in advance


Solution

  • To look at some of your questions.

    Use CTR mode or CBC mode for most purposes. If you need built-in authentication use Galois Counter Mode (GCM). Otherwise use a separate HMAC for authentication, with a different key.

    An IV is needed with all three suggested modes, though in CTR mode it is sometimes called a nonce instead. It can be sent in clear, and is usually prepended to the cyphertext.

    Padding should always be used. Select PKCS7 or PKCS5, they are effectively the same.

    For learning about Cryptography, I would suggest 'Practical Cryptography' by Ferguson and Schneier. I understand that there is an updated version, called 'Cryptography Engineering', which I have not read.
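
The padding rule above, and the question's case of a file whose length is already divisible by 16, as an added example that is not part of the original answer. It uses only the Python standard library and stops short of the cipher call; all function names are illustrative assumptions, and `pad_only_if_needed` is the flawed variant shown for comparison.

```python
import io

BLOCK = 16  # AES block size in bytes

def pkcs7_pad(data: bytes) -> bytes:
    """Always append 1..16 bytes, each equal to the pad length."""
    n = BLOCK - len(data) % BLOCK  # aligned input gets a full extra block
    return data + bytes([n]) * n

def pad_only_if_needed(data: bytes) -> bytes:
    """Flawed variant for comparison: skips padding on aligned input."""
    return data if len(data) % BLOCK == 0 else pkcs7_pad(data)

def pkcs7_unpad(data: bytes) -> bytes:
    """Strip padding, rejecting anything that is not well-formed PKCS7."""
    if not data or len(data) % BLOCK:
        raise ValueError("length is not a positive multiple of 16")
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return data[:-n]

def read_full(stream, size: int) -> bytes:
    """Read exactly size bytes unless EOF comes first (handles short reads)."""
    buf = b""
    while len(buf) < size:
        part = stream.read(size - len(buf))
        if not part:
            break
        buf += part
    return buf

def padded_chunks(stream, chunk_size: int = 64 * 1024):
    """Yield block-aligned chunks ready for a CBC cipher object; only the
    final chunk is padded, so the whole file never has to sit in memory."""
    if chunk_size % BLOCK:
        raise ValueError("chunk_size must be a multiple of 16")
    while True:
        chunk = read_full(stream, chunk_size)
        if len(chunk) < chunk_size:  # EOF reached, possibly with 0 bytes left
            yield pkcs7_pad(chunk)
            return
        yield chunk

def demo():
    # Constructed input: exactly two 16-byte blocks, read 16 bytes at a time.
    return list(padded_chunks(io.BytesIO(b"x" * 32), chunk_size=16))
```

When a separate HMAC is used as the answer suggests, verify it over the IV and ciphertext before calling `pkcs7_unpad`, so that padding errors are never reachable on tampered data.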