I have a .Net web service that processes AES encrypted data. The consumers of my service agree on a key/IV pair with me and that way we can pass data securely. I have a consumer using PHP that is using mcrypt to encrypt. mcrypt is padding with NULLs. I was not setting a pad (NONE) and therefore not able to decrypt the strings. I changed my padding to Zero and was able to decrypt the mcrypt values.
I want to change my web service to use a universally accepted pad setting. And tell all my consumers to use that pad setting. However, I can't seem to find that universal pad setting. I have also read a few post that talk about some pad settings being "less secure". And equally bad, I have seen some post about some pad settings not translating across systems reliably.
Is there a universally accepted, secure and reliable pad setting for AES encryption?
Please let me know.