1

I need to encrypt a string of 20-32 characters in my Android application, but the string generated have to be as small as possible, preferably 10-20 characters (max 32 characters anyhow). It's a necessary requirement for my app (doesn't matter the type of encryption).

I have no knowledge about cryptography technics, it's my first time using Android Crypto APIs.

I used this example as a start, it works but the generated string is too big.

Can you tell me please what i have to change to that code to achieve this? Or can you provide me some tutorial about this?

Note: I will mark as correct answer the answer with full code or link to a tutorial. Thanks!

UPDATE:

1) The algorithms I was thinking to use are AES CBC or CFB-8. With this encryption the length of the generated string is 64. I wasn't been able reduce the length to 32. Can you suggest a way to do this?

2) The thing is this string gets encrypted on a java web app, written on a rfid tag and decrypted on the Android app. How can I manage the encryption keys?

3) I didn't find any implementation/tutorial of the FPE (Format-Preserving Encryption) algorithm. Can you provide me one?

UPDATE 2:

I've decided that I need a more simple algorithm because it's enough that an average user not being able to read the information on the rfid tag. But the requirement of max 32 characters generated remains. Suggestions?

P.S. No matter what algorithm i tried in the above example and even if the input string had one letter, the size of the ciphertext was 64. (AES/ or DES/ CTR, CBC, ECB, CFB)

Improve this question
5
  • 1
    What you refer to is compression. Which is difficult on a string of such size. stackoverflow.com/a/3649538/940834 . In terms of encripting, you would also need to be careful not to increase the size. Each encripted char needs to ideally be just another single char Commented Jan 15, 2014 at 16:50
  • Not a direct information, but you could look up "format preserving encryption" and possibly follow Crypto I on Coursera from Dan Boneh... Note that "doesn't matter what type of encryption" raises a few concerns about the security of your protocol/software. Commented Jan 15, 2014 at 17:08
  • 2
    Is the goal to have it encrypted or compressed? Commented Jan 15, 2014 at 17:20
  • Can we see some example data? Commented Jan 15, 2014 at 17:37
  • I think you this answer will help you: stackoverflow.com/a/43847181/5157800 Commented May 2, 2018 at 15:52

1 Answer 1

Reset to default
1

If you encrypt data (the plaintext) that can take any form, then the result (the ciphertext) must be at least the same size. The reason is simple: if your result would be smaller, then there would be multiple possible plaintext for some values. So encryption of your data will never make it smaller.

We cannot make a good scheme with the information you've given. And you cannot test if what we propose is secure. Even if we know more about your information, then this kind if encryption is extremely tricky. So I'm afraid you will have to learn e.g. format preserving encryption yourself. Or hire an expert.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.