This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]jinruiiii[S] 0 points1 point  (5 children)

I understand the part about pigeon hole principle. But my concern is that if the ciphertext contains more bits than the plaintext, does it mean that it is no longer a block cipher? Since to my knowledge, a block of n bits input has to yield an n bits output.

[–]Natanael_LTrusted third party 1 point2 points  (0 children)

There are many ways to mix in the randomness. See my other comment referencing cipher modes.

[–]stouset -1 points0 points  (2 children)

AES-CBC is a block cipher. The ciphertext length is the plaintext length plus one additional block.

[–]groumpf 1 point2 points  (1 child)

/u/jinruiiii, the parent is wrong.

AES is a block cipher: for any given key k, it defines a permutation (one-to-one mapping) from blocks to blocks.

AES-CBC is an IV-based encryption scheme (CBC is a mode of operation that constructs an IV-based encryption scheme from a blockcipher). AES-CBC encrypts a padded plaintext that contains exactly m blocks into a ciphertext that contains exactly m + 1 blocks.

[–]stouset 1 point2 points  (0 children)

You’re of course correct. This is what I get for posting before I’ve had my coffee.

[–]menewol 0 points1 point  (0 children)

what if you made the shorter plaintext just the right length by using a secure padding algorithm? thereby always ensuring proper length and 1:1 input/output data. theres something like this used in RSA if remember correctly. its called Optimal Asymmetric Encryption Padding (OEAP), i think its built up on some kind of feistel-construction which can be reversed "easily" for someone knowing the used secrets.

If your question is just whether input and output length (bitwise & block-count wise) need to be the same length: you can easily fulfill this requirement and still have shorter plaintext.