tags:

views:

105

answers:

2
+2  Q: 

Is there an encryption technique that could turn an 8-digit number into something 10 or 11 digits or less?

Many of the encryption techniques I've seen can easily encrypt a simple 8 digit number like "12345678" but the result is often something like "8745b34097af8bc9de087e98deb8707aac8797d097f" (made up but you get the idea).

Is there a way to encrypt this 8 digit number but have the resulting encrypted value be the same or at least only a slightly longer number? An ideal target would be to end up with a 10 digit number or less. Is this possible while still maintaining a fairly strong encryption?

Update: I didn't make the output clear enough - I am wanting an 8-digit number to turn into an 8-digit number, not 8 bytes.

+2  A: 

Well you could look a stream cipher which encrypts bytes 1:1. With N bytes input, there are N bytes encrypted/decrypted output. Such ciphers are usually based on an algorithm that creates a stream of random numbers, with the encryption key/IV acting as seed.

For some stream ciphers, look at the eSTREAM candidates. I don't know of any relevant attacks on HC-128 and HC-256, for example.

AndiDog  2010-08-30 23:12:25
The potential problem with a stream cipher in this context is that you have to somehow ensure that you never encrypt different values with the same part of the keystream - so you also may need to include some information saying where to seek to in the keystream.
caf  2010-08-31 05:22:19
+4  A: 

A lot here is going to depend on how seriously you mean your "public-key-encryption" tag. Do you actually want public key encryption, or are you just taking that possibility into account?

If you're willing to use symmetric encryption, producing 8 bytes of output from 8 bytes of input is pretty easy: just run 3DES in ECB (Electronic Code Book) mode, and that's what you'll get. The main weakness of ECB is that a given input will always produce the same result, so if your inputs might repeat an attacker will be able to see that repetition, and may be able to notice a pattern of "encrypted value X leads to action Y", even if they can't/don't break the encryption itself at all. If you can live with that, 3DES/ECB is probably your answer.

If you can't live with that, 3DES in CFB mode is probably the next best. This will produce 16 bytes of output from 8 bytes of input (note that it's not normally doubling the input size, but adding 8 bytes to the input size).

3DES is hardly what anybody would call a cutting edge algorithm, but I'd say it still qualifies as "fairly strong encryption". Part of its weakness as an algorithm stems from its relatively small block size, but that also minimizes expansion of the output.

Edit: Sorry, I forgot to the public-key possibility. With most public-key cryptography, the smallest result is roughly equal to the key size. With RSA encryption, that'll typically mean a minimum of something like 1024 bits (and often considerably more than that). To keep the result smaller, I'd probably use Elliptical Curve Cryptography, for which a ~200 bit key is reasonably secure against known attacks. This will still be larger than 3DES/CFB, but not outrageously so.

Jerry Coffin  2010-08-30 23:15:26
This is great guidance, thank you.
Marplesoft  2010-08-31 00:59:06
By the way, that tag was probably a bad choice. It doesn't need to be an asymmetric key.
Marplesoft  2010-08-31 01:00:58
Marplesoft  2010-08-31 23:34:30
Ah, I didn't understand that. In that case, maintaining the size would be considerably harder. If you encode in hexadecimal, it'll double the size. If you use Base 64 encoding, it should (just) fit into 11 characters. Those will normally be readable, but *not* just digits -- you need 64 possible characters, so you typically use upper and lower case letters, digits, and 2 more characters of your choice ("+" and "/" are pretty common).
Jerry Coffin  2010-09-01 03:36:58
@Marplesoft @Jerry I think he should be okay, you are looking at it the wrong way, assuming the number he provided was a decimal number it is 0xBC614E, that is 3 bytes. the largest 8 digit decimal number is 4 bytes. Assuming 4 bytes and an equal-size encryption method, the largest equivalent number is 4 294 967 295. exactly 10 digits.
jbcreix  2010-09-01 09:48:53
@jbcreix: In theory you're right. In reality, however, the same problems arise: you can't do ECB on anything less than one block (8 bytes with DES/3DES). CFB requires an IV (itself 8 bytes). To take advantage of the smaller input size, you need switch to a real stream cipher -- which usually uses an vaguely IV-like block itself...
Jerry Coffin  2010-09-01 13:23:40

related questions

Encryption in C# Web-Services
How Do You Secure database.yml?
ASP.NET LocationProvider
What do you (or your company) use for wiping a machine?
Can a proxy server cache SSL GETs? If not, would response body encryption suffice?
Java: What is the best way to SFTP a file from a server
How do I call a Flex SWF from a remote domain using Flash (AS3) ?
Best way to store a database password in a startup script / config file?
Using VM to get around VPN restrictions
Best references for secure coding practices in ASP.NET and classic ASP.
Secure Memory Allocator in C++
Resolving Session Fixation in JBoss
Best Practices for securing a REST API / web service
Defensive programming
Personal Linux web server
Block user access to internals of a site using HTTP_REFERER
Is there an Unobtrusive Captcha for web forms?
My website got hacked... What should I do?
What all do I need to escape when sending a (My)SQL query?
How do you disable browser Autocomplete on web form field / input tag?
Best .NET obfuscation tools/strategy
Are there best practices for testing security in an Agile development shop?
What is the best way to avoid SQL injection attacks?
Found a critical bug, but the company doesn't care
PHP Session Security