I need to encrypt a string of 20-32 characters in my Android application, but the string generated has to be as small as possible, preferably 10-20 characters (max 32 characters anyhow). It's a necessary requirement for my app (the type of encryption doesn't matter).

I have no knowledge about cryptography techniques; it's my first time using Android Crypto APIs.

I used this example as a start; it works, but the generated string is too big.

Can you please tell me what I have to change in that code to achieve this? Or can you provide me with a tutorial about this?

Note: I will mark as the correct answer the answer with full code or a link to a tutorial. Thanks!

UPDATE:

1) The algorithms I was thinking of using are AES CBC or CFB-8. With this encryption the length of the generated string is 64. I wasn't able to reduce the length to 32. Can you suggest a way to do this?

2) The thing is, this string gets encrypted in a Java web app, written on an RFID tag and decrypted in the Android app. How can I manage the encryption keys?

3) I didn't find any implementation/tutorial of the FPE (Format-Preserving Encryption) algorithm. Can you provide me with one?

UPDATE 2:

I've decided that I need a simpler algorithm, because it's enough that an average user is not able to read the information on the RFID tag. But the requirement of max 32 characters generated remains. Suggestions?

P.S. No matter what algorithm I tried in the above example, and even if the input string had one letter, the size of the ciphertext was 64. (AES/ or DES/ CTR, CBC, ECB, CFB)

blackwolf
  • What you refer to is `compression`, which is difficult on a string of such size. http://stackoverflow.com/a/3649538/940834 . In terms of `encrypting`, you would also need to be careful not to increase the size. Each encrypted `char` needs to ideally be just another single `char` – IAmGroot Jan 15 '14 at 16:50
  • Not direct information, but you could look up "format preserving encryption" and possibly follow Crypto I on Coursera from Dan Boneh... Note that "doesn't matter what type of encryption" raises a few concerns about the security of your protocol/software. – Maarten Bodewes Jan 15 '14 at 17:08
  • Is the goal to have it encrypted or compressed? – quinnjn Jan 15 '14 at 17:20
  • Can we see some example data? – quinnjn Jan 15 '14 at 17:37
  • I think this answer will help you: https://stackoverflow.com/a/43847181/5157800 – Rohail May 02 '18 at 15:52

1 Answer

If you encrypt data (the plaintext) that can take any form, then the result (the ciphertext) must be at least the same size. The reason is simple: if your result were smaller, then there would be multiple possible plaintexts for some values. So encryption of your data will never make it smaller.

We cannot make a good scheme with the information you've given. And you cannot test if what we propose is secure. Even if we know more about your information, this kind of encryption is extremely tricky. So I'm afraid you will have to learn e.g. format preserving encryption yourself. Or hire an expert.

Maarten Bodewes
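
The size argument in the answer above, measured with the standard `javax.crypto` API, as an added example that is not part of the original question or answer: it encrypts constructed sample strings under a throwaway key and reports how many bytes and characters each mode and text encoding produces. The class name, the sample strings, the choice to prepend the IV, and a JVM with `java.util.Base64` (Java 8 or later) are assumptions; the code measures sizes only.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;

// Added example: measures output sizes only; not a vetted scheme for the RFID use case.
public class CiphertextSize {

    // Encrypts under a fresh random 16-byte IV and returns IV || ciphertext,
    // since the decrypting side needs the IV as well (an assumption of this sketch).
    static byte[] encrypt(String transformation, SecretKey key, byte[] plaintext) throws Exception {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher cipher = Cipher.getInstance(transformation);
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] body = cipher.doFinal(plaintext);
        byte[] out = new byte[iv.length + body.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(body, 0, out, iv.length, body.length);
        return out;
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey(); // throwaway key, generated per run
        // Constructed sample plaintexts of 1, 20 and 32 characters.
        String[] samples = {"A", "ABCDEFGHIJKLMNOPQRST", "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345"};
        // CBC pads to whole 16-byte blocks; CTR is a stream mode and adds no padding.
        String[] modes = {"AES/CBC/PKCS5Padding", "AES/CTR/NoPadding"};
        for (String mode : modes) {
            for (String s : samples) {
                byte[] pt = s.getBytes(StandardCharsets.UTF_8);
                byte[] ct = encrypt(mode, key, pt);
                int hexChars = ct.length * 2; // hex spends two characters per byte
                int b64Chars = Base64.getEncoder().withoutPadding().encodeToString(ct).length();
                System.out.printf("%-21s plaintext=%2d B  iv+ct=%2d B  hex=%3d chars  base64=%2d chars%n",
                        mode, pt.length, ct.length, hexChars, b64Chars);
            }
        }
    }
}
```

The columns separate the three sources of growth: block padding, the IV that travels with the ciphertext, and the text encoding applied to the resulting bytes.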