Java AES cipher text size

Question

I\'m using a very standard way of Java AES encryption / decryption.

byte[] key = hexStringToByteArray(\"C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF\");

byte[] message = he         


        

Answer 1

There are a couple of mandatory things to get out of the way before approaching your question. One thing that I see in this code that is potentially dangerous is that the cipher isn't specified with explicit mode and padding. This means it is up to the provider defaults. If this is the provider currently distributed with Oracle's JVM, those defaults are ECB and PKCS5Padding. If those are what you want to use then specify them this way:

 Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");

The second is that ECB isn't a good choice of modes to use because it isn't very secure. CBC is a much better option since it makes use of an initialization vector.

On to the question. The reason for the size of the encrypted text is due to the padding scheme, in this case PKCS5. The padding is necessary to ensure that the plain text is of a length that the algorithm can handle. For AES, it must be a multiple of 16 bytes. In the case where the unencrypted data's length is already a multiple of 16 bytes, the padding must add an additional 16 bytes (see jbtule's comment here). Initializing the Cipher like this produces 16 bytes of encrypted data:

Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");

This requires that the unencrypted data is already a multiple of 16 bytes in length since it won't pad it at all. If it isn't, an exception is thrown.

It might be beneficial to understand exactly what you are trying to do to give a good recommendation.