Menu
I would like to know the size of data after AES encryption so that I can avoid buffering my post-AES data(on disk or memory) mainly for knowing the size.
I use 128 bit AES and javax.crypto.Cipher and javax.crypto.CipherInputStream for encryption.
A few tests performed with various input sizes show that, the post encryption size calculated as below is correct:
long size = input_Size_In_Bytes;
long post_AES_Size = size + (16 - (size % 16));
But I am not sure whether the above formula is applicable for all possible input sizes.
Is there a way to calculate the size of data after applying AES encryption – in advance without having to buffer the encrypted data(on disk or memory) to know its post-encryption size?
243
AES does not expand data. Moreover, the output will not generally be compressible; if you intend to compress your data, do so before encrypting it. However, note that AES encryption is usually combined with padding, which will increase the size of the data (though only by a few bytes).
The AES algorithm requires that the IV size must be 16 bytes (128 bits). So, if we provide an IV whose size is not equal to 16 bytes, an InvalidAlgorithmParameterException will be thrown.
The AES processes blocks of 16 bytes and knows nothing else. On the other hand, it does not matter at all, since you will not practically reach that 268 bytes limit: AES was defined with 128-bit blocks precisely so that we could encrypt terabytes of data without worrying about a key running out of juice.
AES has always 128-bit block size with 128,192 and 256-bit keyspaces. Therefore, you can encrypt 16-byte at a time if you are using ECB and CBC modes.
AES has a fixed block size of 16-bytes regardless key size. Assuming you use PKCS 5/7 padding, use this formula,
cipherLen = (clearLen/16 + 1) * 16;
Please note that if the clear-text is multiple of block size, a whole new block is needed for padding. Say you clear-text is 16 bytes. The cipher-text will take 32 bytes.
You might want to store IV (Initial Vector) with cipher-text. In that case, you need to add 16 more bytes for IV.
50
AES, as a block cipher, does not change the size. The input size is always the output size.
But AES, being a block cipher, requires the input to be multiple of block size (16 bytes). For this, padding schemes are used like the popular PKCS5. So the answer is that the size of your encrypted data depends on the padding scheme used. But at the same time all known padding schemes will round up to the next module 16 size (size AES has a 16 bytes block size).
45
It depends on the mode in which you use AES. What you have is accurate for most of the block oriented modes, such as ECB and CBC. OTOH, in CFB mode (for one example) you're basically just using AES to produce a stream of bytes, which you XOR with bytes of the input. In this case, the size of the output can remain the size of the input rather than being rounded up to the next block size as you've given above.
33
Generally speaking, for a block cipher encryption:
CipherText = PlainText + Block - (PlainText MOD Block)
ciphertext size is computed as the size of the plaintext extended to the next block. If padding is used and the size of the plaintext is an exact multiple of the block size, one extra block containing padding information will be added.
AES uses block size of 16 bytes, which produces:
CipherText = PlainText + 16 - (PlainText MOD 16)
Source: http://www.obviex.com/articles/CiphertextSize.pdf
Note:
33
The AES cipher always works on 16-byte (128-bit) blocks. If the number of input bytes is not an exact multiple of 16, it is padded. That's why 16 appears to be the "magic number" in your calculation. What you have should work for all input sizes.
33
AES works in 128-bit (16 bytes) blocks and converts cleartext blocks into cyphertext blocks of the same length. It pads the last block if it is shorter than 16 bytes, so your formula looks correct.
44
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
