Reputation: 459
How do I encrypt a string and get a equal length encrypted string?
My problem is the following:
In an existing database I want to encrypt data in a couple of columns. The columns contains strings of different lengths.
I don't want to change the size of the columns so the encryption need to produce an equal length text representation of the input text.
The strength of the encryption algorithm is of secondary interest but of course I want it to be as strong as it can be. Otherwise I wouldn't need to encrypt the data. But the most important thing is the size of the output.
Is this possible? If so how would I do it?
I'm interested in doing it in .NET. No database-level encryption.
Upvotes: 13
Views: 18604
Answers (8)
Reputation: 1714
Secure encryption requires that the ciphertext be larger than the plaintext; otherwise identical plaintext always results in identical ciphertext, and there's no such thing as an invalid ciphertext, which are both weaknesses.
However, if you really can't expand the data you're encrypting, the best you can do is a tweakable block mode. Look up XTS and CMC modes which are used for disk encryption.
Upvotes: 2
Reputation: 1491
Within your constrants, I would use AES in CFB mode, which turns it into a stream cipher and the output length will be the same as the input length. Unless you're storing the strings in blobs, you'll need to hex or base64 encode the output to make it char friendly, which will be a 100% or 33% increase in length.
One .NET implementation is here.
Upvotes: 21
Reputation: 3856
Ideally, if the existing columns are larger than a single block in a standard block cipher (16 bytes for AES, 8 bytes for TDES), then you could encrypt in CTS (cipher text stealing) mode. Unfortunately, .net does not support CTS in any of its included algorithms. :-(
Normally CTS uses a random IV that would have to be stored along with the ciphertext, but you can just use the row ID or even a constant value if you don't mind identical plaintext values encrypting to identical ciphertext.
Upvotes: 1
Reputation: 3194
You might look for a tweakable block cipher. If your rows have a unique identifier (e.g. a primary key) then the unique identifier can be used as a tweak. The advantage of this kind of encryption is that you don't need any IV's to randomize the encryption. Even if a column contains the same value multiple times, this value gets encrypted differently, because of the tweak.
A less secure solution is to use a block cipher in counter mode and use the unique identifier to compute the counter. But this mode has a severe disadvantage: You can't securely reencrypt fields unless you also change the unique identifier.
Since both cases don't randomize the ciphertext, it is possible that an attacker can observe if a certain field has changed. This might leak some valuable information. Also note that neither case gives you any data integrity. Even if an attacker can not decrypt information, he might still be able to change it to his advantage.
Upvotes: 2
Reputation: 8756
This is usually impossible, because (in a naïve way) you would expect the encrypted string to hold more information than the plain text.
Vague ideas for solving your problem:
- Map your number onto a shorter text string: two digits could map into one character.
- Can you avoid encrypting the first x digits?
- What are the possibilities for encrypting it as an integer rather than text?
Upvotes: 1
Reputation: 152797
Any block cipher will do. Essentially, you input a fixed length block and get a similar size encrypted block back. The cipher is a permutation from {0,...,2^blocklength} to {0,...,2^blocklength}. (The input length has to be padded to a block length boundary.)
The problem here is that if the columns are text, you cannot necessarily place binary cryptotext in them and you'll have to encode the data to a text format such as base64 (33% size increase).
AES is a block cipher standard that is widely available.
Upvotes: 1
Reputation: 12910
You should take a minute and think of the real problem you're trying to solve. I've seen very few instances where database encryption was really nessecary, since information rarely flows directly from the database to an end user.
If you need to protect content of the database, then you should perhaps look into its standard access control mechanisms instead.
Upvotes: 3
Reputation: 70314
The Vigenère cipher can do that. But it is old (pre-computer) and only secure if your key phrase is longer than the longest string you want to encrypt. Plus, having a database full of strings encrypted with the same key phrase will probably make this a week encryption, especially if the plain texts can be guessed.
It works more or less like the cesar shift algorithm (add n to each letter in plain text), except that n is different for each letter being changed, based on a key phrase.
If your key phrase is ABCDEFG, then it means n=1 for first letter of input, 2 for second letter of input etc.
With a random key phrase longer than the plain text, the output is just as random (secure). But I believe this will break down if you have many strings encrypted with the same key. ..
Upvotes: 1
Related Questions
- How to encrypt a guid into equal length string in C#?
- Simple short Encrypt string to fixed length n matter what the input string length is
- How to encrypt a string in c# but with special out put result?
- Encrypt and Decrypt a string to fixed length
- Same encrypted Text with AES must result in different length
- Encrypt a string to match length of original string
- Make encrypted string same length as input string?
- Encrypt a number to another number of the same length
- How do I encrypt a string of text so that the encrypted string is different each time even though the value is the same