Reputation: 3250
How to control length of encrypted String (Cryptography - Encryption)
For example, i'd like to pass in a String "abc" then output encrypted string should be of 32 byte, and when I'd like to pass "abcdef" then output should be of 32 byte also. In other words I want fix length enrypted output. I know my upper limit. Like I know my string would never go beyond 8 characters. It will be of max 8 characters or shorter than 8. It would never exceed than 8.
If anyone share code in java Cipher, then it would be great.
Upvotes: 1
Views: 6235
Answers (2)
Reputation: 434
It depends on the encryption algorithm, mode and block size.
For example AES uses a fixed block size of 128 bits (16 bytes), CBC and ECB modes will return a fixed length, this length would be a multiple of 128.
If you use ECB mode and your input byte array length is 10 then you must add 6 bytes of padding in order to complete the block.
There are many ways to pad the block, you can use PKCS5 or PKCS7.
In java you can use Bouncy Castle's library https://www.bouncycastle.org/ Make sure you use a secure IV and derived encryption key
In the following example padding is handled by the library
public byte[] genIV() {
byte[] iv = new byte[16];
new SecureRandom().nextBytes(iv);
return iv;
}
public byte[] encrypt(byte[] plaintext, byte[] secretKey, byte[] iv) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, InvalidKeyException {
Cipher in = Cipher.getInstance("AES/ECB/PKCS5Padding", "BC");
Key key = new SecretKeySpec(secretKey, "AES");
in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
return in.doFinal(plaintext);
}
public byte[] decrypt(byte[] ciphertext, byte[] secretKey, byte[] iv) throws InvalidAlgorithmParameterException, InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
Key key = new SecretKeySpec(secretKey, "AES");
Cipher out = Cipher.getInstance("AES/ECB/PKCS5Padding", "BC");
out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
return out.doFinal(ciphertext);
}
Bear in mind that each character in a String, depending on the charset, is at least 8 bits long, in your example "abcdef" is at least 6 bytes long
Upvotes: 2
Reputation: 5636
You should apply a padding scheme. Padding schemes are designed to complete the plaintext so that they can fit into the block size of a block cipher.
You asked 32 Bytes this means the for the AES two block of encryption. You didn't specify what type of security so, I will consider CTR mode of operation that will require IV to transmit.
- Let XX XX XX XX XX XX XX XX represents your 8-Byte string
for example ANSI X.923 padding scheme, append 0's and at the end the length of your message. Then
XX XX XX XX XX XX XX XX 00 00 00 00 00 00 00 08
will be your plaintext. 08 is the byte lenght of your plaintext.
for example, PKCS#5 and PKCS#7 padding scheme, append the length of your message with repeated, then
XX XX XX XX XX XX XX XX 08 08 08 08 08 08 08 08
will be your plaintext.
These paddings are designed to for one block. They extend the next block if the block is already full.
Solutions;
- Re-pad the padded message that you will get two blocks.
- Encrypt the encrypted message in the CTR with the counter incremented.
- Design a padding for yourself.
Upvotes: 0
Related Questions
- How to encrypt String in Java
- How to encrypt a text so that the length of the output is not more than 100 characters in java
- How should I get AES to work on strings of arbitrary length in Java?
- Encrypting String with Java
- How to encrypt string to a limited length string in Android
- Encryption Technique to Generate Smaller string in Java
- Java PBE encrypted string length same as input
- Length of Encrypted String
- How to control length of encrypted String?
- AES encryption output length