xmaverick

Reputation: 23

About data length after encryption by Cipher

Please tell me about the data length of encryption and decryption using Java. When Cipher.doFinal() was executed with DES/CBC/PKCS5Padding specified, the unencrypted data with a data length of 8 bytes became 16 bytes after encryption. Is there a way to make it 8 bytes?

Upvotes: 0

Views: 307

Answers (1)

rossum

Reputation: 15693

DES is obsolete and no longer secure. AES is much better.

Both AES and DES are block ciphers which encrypt data in chunks: blocks. A DES block is 64 bits, 8 characters, while AES uses 128 bit blocks, 16 characters. When you split the plaintext into blocks, there may be some odd characters left at the end. Cryptographic padding is used to extend the plaintext to the next block boundary. In your case you are using PKCS5 padding to do this.

With an 8 byte plaintext in DES, your padding is adding 8 bytes before encrypting because padding is always added. Hence your 16 byte cyphertext: 8 bytes of encrypted plaintext and 8 bytes of encrypted padding.

If you really need just 8 bytes of cyphertext then use NoPadding or whatever the equivalent is on your system. That omits any padding, but leaks information about the length of your plaintext.

From a security point of view you would be better off switching to padded AES and accepting a 16 byte cyphertext.

Upvotes: 1
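The length behaviour described in the answer can be measured directly. The following is an added example, not code from the question or the answer; the class name `PaddingLengthDemo` and its helper methods are hypothetical, and the plaintext is constructed (all zero bytes) with a throwaway random key and IV.

```java
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

public class PaddingLengthDemo {

    // Encrypts `len` zero bytes (constructed sample plaintext) under a fresh
    // random key and IV, and returns the length of what doFinal() produces.
    // The IV is not included in that output and has to be stored separately.
    static int ciphertextLength(String keyAlg, String transformation, int len)
            throws Exception {
        SecretKey key = KeyGenerator.getInstance(keyAlg).generateKey();
        Cipher cipher = Cipher.getInstance(transformation);
        byte[] iv = new byte[cipher.getBlockSize()];
        new SecureRandom().nextBytes(iv);
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        return cipher.doFinal(new byte[len]).length;
    }

    // PKCS5/PKCS7 rule: always add 1..blockSize bytes, so an input already on
    // a block boundary gains one whole block of padding.
    static int expectedPaddedLength(int len, int blockSize) {
        return (len / blockSize + 1) * blockSize;
    }

    public static void main(String[] args) throws Exception {
        int[] lengths = {0, 7, 8, 9, 16};
        String[][] cases = {
            {"DES", "DES/CBC/PKCS5Padding", "8"},
            {"AES", "AES/CBC/PKCS5Padding", "16"},
        };
        for (String[] c : cases) {
            int bs = Integer.parseInt(c[2]);
            for (int len : lengths) {
                int actual = ciphertextLength(c[0], c[1], len);
                System.out.printf("%-22s plaintext=%2d ciphertext=%2d (rule: %2d)%n",
                        c[1], len, actual, expectedPaddedLength(len, bs));
            }
        }
        // NoPadding: output length equals input length, but only whole blocks are accepted.
        System.out.println("DES/CBC/NoPadding 8 -> " + ciphertextLength("DES", "DES/CBC/NoPadding", 8));
        try {
            ciphertextLength("DES", "DES/CBC/NoPadding", 7);
        } catch (IllegalBlockSizeException e) {
            System.out.println("DES/CBC/NoPadding 7 -> " + e.getMessage());
        }
    }
}
```

With NoPadding the caller is responsible for supplying whole blocks; a 7-byte input is rejected rather than silently extended.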
