I need to create a database column which will store a string encrypted using Triple DES. How do I determine the length of the encrypted string column?
(Answers for algorithms other than Triple DES are also welcome.)
A:
Triple DES uses three 56-bit DES keys, giving 168 bit keys. It's block size is 64-bit.
Yuval A
2009-01-19 10:42:13
Please elaborate. For example if I have a string 100 characters long, how would I calculate the length of the encrypted string?
Vulcan Eager
2009-01-19 10:46:54
(string.length / 8) + 1, assuming 8 bits characters
Keltia
2009-01-19 10:58:14
length is in characters (or byte if you prefer) so length / 8 is using 64 bit blocks.
Keltia
2009-01-19 11:01:05
+3
A:
Using Triple DES does not change the string's length but it will be rounded to the next 64 bit boundary. If you intend to "display" it, you'll have to encoded it (like in Base64 though.
As for other algorithms, it is difficult ot answer as there are plenty. Block ciphers will always pad input to match their block size whereas many stream ciphers will not.
Keltia
2009-01-19 10:52:23
I just found this: http://msdn.microsoft.com/en-us/library/system.security.cryptography.ciphermode.aspxExtract: "The Cipher Text Stealing (CTS) mode handles any length of plain text and produces cipher text whose length matches the plain text length."
Vulcan Eager
2009-01-19 11:09:41
+2
A:
Block-ciphers such as DES, 3DES and AES can only operate on blocks of bytes. DES and 3DES operate on block of 8 bytes and AES on blocks of 16 bytes.
To handle this, you usually apply a reversible padding to your plaintext before encrypting it. It will mostly always be "PKCS"-padding (also called PKCS5- or PKCS7-padding).
PKCS-padding adds at least one byte such that the padded text has a length divisible with the block-length (8 bytes for 3DES). The value of the padding-bytes is the number of bytes added. Fx. ABCDEF is padded to ABCDEF0505050505 and 0011223344556677 is padded to 0011223344566770808080808080808. Note that this is easy to remove: you just look at the final byte of the padded bytes, verify that it is between 1 and the block-length, and remove that number of bytes from the end (verifying that each removed byte has the correct value).
Finally, to answer your question: Assuming you are using 3DES with CBC encryption and PKCS-padding - which you probably are - the encryption of a string of length n will have length:
n + 8 - (n % 8)
Rasmus Faber
2009-01-20 21:35:43
Yes, 64 bytes encrypted using 3DES/CBC/PKCS-padding will become 72 bytes after encryption.
Rasmus Faber
2010-03-17 08:51:56
A:
One of our client requirements is that we use a 26 byte key (0123456789ABCDEFF9876543210) and encrypta 4 character string to a 16 character encrypted String. Now using the "3DES" algorightm and similar others, we are able to generate only 12 digit encryption.
Is there any algoright which accepts a 26 Byte or 32 byte key and converts a 4 digit/string into a 16 digit encryption
pkul3003
2010-03-17 07:14:21