Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Length of Encrypted String Longer than Original String... Help

 
Tumaini Kilimba
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear Sirs et Madames,
I am trying to create a Java application which takes a userID and then encrypts it. The code am using is just something I picked up off the net, I have NO experience with encryption. The problem is that even though the string to be encrypted should (and always will be) 10 characters long, the result is always 24 characters. Considering that the encrypted result will be transformed into a barcode, that creates a rather large barcode, unsuitable for my needs. Am sure there must be a way whereby I encrypt a 10 character string and get back a ten character encrypted version? The code I have is as below:



From what I understand, a triple DES key has to be a 24 byte array. What are the alternatives so that the encrypted version I get back is of the same number of characters (or less, if possible) than the original text?

Also, I am not sure as to how well suited this solution is to my problem. Will different Java Virtual Machines produce different keys, meaning that multiple installations will not be able to reproduce the same encryption given the same keyString?

Is there a simpler solution, considering that the only thing I desire is that the USER_ID is obfuscated to the human eye (doctors, nurses, prying eyes cannot tell WHO these blood results belong to, only the system can). In which case is there not a simple(r) obfuscation algorithm I could use?



Thanks in advance,
Tumaini
 
Tim Moores
Bartender
Posts: 2733
36
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For something as sensitive as medical data, onfiscation won't do - you must use encryption. Make sure you understand all the legal requirements of handling medical data.

Encryption algorithms work the same across JVMs. As long as you're using the same key, it should work on whichever JVM the code runs on.

Is there an actual problem with handling 24 characters? Since you're using base-64 on the result, it will always be longer than what you started with.

Lastly, Triple-DES has fallen out of favor as it's kind of dated. Consider using AES instead: http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic