# Re: Minimal length of encrypted data - which algorithm?

*From*: Kristian Gjøsteen <kristiag+news@xxxxxxxxxxxx>*Date*: Wed, 31 Jan 2007 13:38:05 +0000 (UTC)

SST <lkozlowski_CUT_IT@xxxxxx> wrote:

I think it's a simplem question, but I cannot find in any description of

any algorithm information about the minimal length of encrypted data.

I am interested in obtaining such an information for symmetric-key

algorithms, like DES.

Is there any algorithm which ensures that the output will be at least

i.e. 32 characters (bytes) long - no metter whether the input is long

(i.e. 20 characters) or short (i.e. 1 character)?

If you only require a minimal ciphertext length, not maximal, then you can

use any reasonable scheme to encrypt a message padded with a sufficient

number of zeros.

If you want ciphertexts of _exactly_ 32 bytes, then you can construct

reasonable schemes: Let the first byte contain the number n of bytes

in the message, insert randomness into the first 32-n-1 bytes and use

AES in CBC mode without IV to encrypt. The maximal safe message length

depends on the number of messages you want to encrypt.

Another alternative is to use a 256-bit block cipher (Rijndael, for

example) and pad the message with some randomness (the amount again

depends on the number of messages you want to encrypt).

--

Kristian Gjøsteen

.

**References**:

- Prev by Date:
**Minimal length of encrypted data - which algorithm?** - Next by Date:
**Unknown signs at my doorbell** - Previous by thread:
**Minimal length of encrypted data - which algorithm?** - Next by thread:
**Unknown signs at my doorbell** - Index(es):