REPOST: Re: 3DES Encryption Storage Size

From: Joseph Ashwood (ashwood_at_msn.com)
Date: 10/25/05


Date: Tue, 25 Oct 2005 20:49:18 GMT


"Larry" <lhowe2005@gmail.com> wrote in message
news:1130262392.415479.239810@g44g2000cwa.googlegroups.com...
> Let's say that I have a 10 character textual value that I want to
> encrypt using 3DES (via the CreateEncryptor method of the .NET
> TripleDESCryptoServiceProvider class). I want to store the encrypted
> byte array into a varbinary column in SQL Server 2000. How do I know
> what my maximum size of this varbinary column should be?

3DES works on 8-byte chunks, so first round your data up to 8 bytes, then
because you'll be using it in a secure mode add 8-bytes for the IV, and you
should be using a MAC so add another 8-bytes for another IV and another
8-bytes for MAC storage, totalling 40-bytes for your case, you may have to
Base-64 encode it afterwards depending on how SQL Server deals with
non-printable characters. However I would recommend that you instead use
AES, it's faster, newer, believed to be more secure, and the 16-byte block
has many advantages, even though it would move the storage requirements to
64-bytes. The biggest reason to make this change is that once you hit 2^32
3DES outputs you will see insecurities, and this will lower the security of
the credit card numbers you're storing, with AES this number moves to 2^64
which is fairly well unachievable.
                        Joe
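
The size accounting in the reply above, worked through as an added example (Python, not code from the original post). It assumes the layout the reply counts (ciphertext, IV, MAC IV and MAC, each of the last three one block wide) and PKCS#7 padding, the .NET default; the function names are hypothetical.

```python
# Added example: storage needed per encrypted value, following the reply's layout
# (ciphertext + IV + MAC IV + MAC). Field widths of one block each are the
# reply's accounting; PKCS#7 padding is an assumption (the .NET default).

BLOCK_BYTES = {"3DES": 8, "AES": 16}  # cipher block sizes in bytes


def padded_len(plain_len, block, pkcs7=True):
    """Ciphertext length in a padded block mode such as CBC."""
    if pkcs7:
        # PKCS#7 adds 1..block bytes, so an exact multiple gains a full block.
        return (plain_len // block + 1) * block
    # Plain round-up to the next block boundary.
    return -(-plain_len // block) * block


def record_size(plain_len, cipher, pkcs7=True, base64=False):
    """Return (total_bytes, parts) for one stored value."""
    block = BLOCK_BYTES[cipher]
    parts = {
        "ciphertext": padded_len(plain_len, block, pkcs7),
        "iv": block,
        "mac_iv": block,
        "mac": block,
    }
    total = sum(parts.values())
    if base64:
        total = 4 * ((total + 2) // 3)  # Base64 emits 4 chars per 3 bytes, padded
    return total, parts


def birthday_bound_blocks(cipher):
    """Blocks under one key before collisions are expected: 2^(n/2) for an n-bit block."""
    return 2 ** (BLOCK_BYTES[cipher] * 8 // 2)


if __name__ == "__main__":
    for cipher in BLOCK_BYTES:
        for n in (10, 16):  # constructed sample lengths
            total, parts = record_size(n, cipher)
            b64, _ = record_size(n, cipher, base64=True)
            print(f"{cipher} {n:2d}-byte value: {total} bytes {parts}, Base64 {b64} chars")
        print(f"{cipher} birthday bound: 2^{birthday_bound_blocks(cipher).bit_length() - 1} blocks")
```

Size the varbinary column from the longest plaintext you will store: under PKCS#7 a value that is already a whole number of blocks gains one more block of padding.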
