I am using javax.crypto.Cipher class for encrypting a 32 char string. I am using the "PBEWithMD5AndTripleDES" algorithm for encryption. The output of the encryption is around 50 characters. My problem is that I need to limit the number of characters in the encrypted output to 32 or less (The input string will be 32 chars, cannot be compromised). Is there a way of doing this ?
Thanks, Aju
Ulf Dittmer
Marshal
Joined: Mar 22, 2005
Posts: 35241
7
posted
0
I don't think there's a cipher that produces a shorter string, i.e. compresses the original string. Encryption usually adds entropy, so that the string gets longer. Have you tried other ciphers? Why can't the encrypted string be longer than the source?
Thanks for the reply. It is a requirement of my application that the encrypted string needs to be 32 chars or less. Unfortunately the input string is also 32 chars. I was just hoping against hope to find a way to meet this req.
You could try compressing the data first using the zip package, then encrypting the compressed data, which should shorten the resulting encrypted data.
greg stark
Ranch Hand
Joined: Aug 10, 2006
Posts: 220
posted
0
You cannot use one of the PBE ciphers because they encode a salt and an iteration count along with your ciphertext. These things increase security, so you'll need to either supply them or something equivalent out-of-band, set them to constants, or live the dangerous life without them.
That said, you can still build your own version of a PBE-based cipher. If your plaintext is always 32 bytes, you can use any supported block cipher including AES. You'll need to supply an initialization vector to Cipher.init(), but you can derive the IV along with the key from the password. Details on how to do this correctly are contained in PKCS#5, http://www.rfc-editor.org/cgi-bin/rfcdoctype.pl?loc=RFC&letsgo=2898&type=http&file_format=txt.
0
