Re: Newbie data size encryption questions

From: tomstdenis@xxxxxxxxx
Date: 18 Mar 2006 12:50:39 -0800

JG wrote:

If I use a symmetric cipher like DES or 3DES, what is the minimum
amount of data that I can encrypt without the system being insecure?
For example, if i wanted to encrypts strings of say 5 or 10 characters,
is there a security problem here? Is there a problem if the first few
characters (or others) of the string are sometimes the same?

Are there any general principles w.r.t. encryption of small amounts of
data using ymmetric keys?

Only problem is any secure mode you want to use will probably need
extra storage. LRW would expand it to the size of the cipher [e.g. 16
bytes for AES] and other modes like CTR would need an IV.

If you can avoid encrypting only single strings per session you can
mitigate the overhead by having an IV per block of strings, etc, etc.

Eitherway don't use DES or 3DES. AES is faster, more standard and
easier to use (since you don't need 3-key mode to get decent security).

Tom

.

References:
- Newbie data size encryption questions
  - From: JG

Prev by Date: Newbie data size encryption questions
Next by Date: Re: GMP versus TFM on an AMD64
Previous by thread: Newbie data size encryption questions
Next by thread: Re: Newbie data size encryption questions
Index(es):
- Date
- Thread

Relevant Pages

Re: Cryptographic protocols, again
... decrypted (to prove that I really did encrypt all thirty-six dice rolls). ... Server picks from a random set of strings ... Encrypt the 36 strings with your own private key AND ...
(rec.games.backgammon)
Re: Cross platform password string encryption
... few people use Delphi or C# compared to C ... The consuming code doesn't use the library code in the right way. ... a raw key directly to the encrypt routine. ... The consuming code is trying to pass strings to the routines and ...
(sci.crypt)
Re: One-Time Pads [was: Re: Help: Randomizing a List of Numbers]
... > never repeat the use of one of those strings then throw away the key. ... Checking my home machine, I see the following: ... if I were to use a one-time pad to encrypt traffic ... A CD a month, or even a CD a week, would not be a distribution nightmare. ...
(sci.crypt)
Re: Storing connection strings
... An answer will depend heavily on who you are trying to protect it from, ... might also encrypt the key value. ... again perhaps encrypted and the keys protected by ACLs. ... Search for "COM+ Object Constructor Strings". ...
(microsoft.public.vb.database)
Re: Linux System Users Login/Password?
... So far I've managed to pull all of the shadow password strings out and into a database, but is there any way of 'matching' the encrypted strings if you are given the plain text version, like with md5? ... PHP has a function named 'crypt' that will encrypt strings in the same way the password is encrypted into the password file. ... Do you really want to pull all the shadow entries into a database? ...
(comp.lang.php)