Re: Minimal length of encrypted data - which algorithm?

SST <lkozlowski_CUT_IT@xxxxxx> wrote:
I think it's a simplem question, but I cannot find in any description of
any algorithm information about the minimal length of encrypted data.
I am interested in obtaining such an information for symmetric-key
algorithms, like DES.
Is there any algorithm which ensures that the output will be at least
i.e. 32 characters (bytes) long - no metter whether the input is long
(i.e. 20 characters) or short (i.e. 1 character)?

If you only require a minimal ciphertext length, not maximal, then you can
use any reasonable scheme to encrypt a message padded with a sufficient
number of zeros.

If you want ciphertexts of _exactly_ 32 bytes, then you can construct
reasonable schemes: Let the first byte contain the number n of bytes
in the message, insert randomness into the first 32-n-1 bytes and use
AES in CBC mode without IV to encrypt. The maximal safe message length
depends on the number of messages you want to encrypt.

Another alternative is to use a 256-bit block cipher (Rijndael, for
example) and pad the message with some randomness (the amount again
depends on the number of messages you want to encrypt).

Kristian Gjøsteen