On Sun, Sep 28, 2003, Pierre De Boeck wrote: > I would like to know the overhead in size when encrypting > a message of n bytes with 3DES. > > A simple rule of thumb says that it will be n bytes plus > the padding needed for n to be a multiple of 64 bits (8 bytes). > > Is it correct? and how the different modes (CBC,..)+ initialization > vector influences that rule?
Block ciphers encrypt data in multiples of the block size so if the input data isn't a multiple of the block size it has to be padded. Standard block padding (aka PKCS#5 padding) adds k bytes each of value k where k = block_size - input_size%block_size note this means that if the input is already a multiple of the block size then block_size bytes are added. This is so the decrypter can unambiguously determine the size of the input data. That assumes standard block padding. You can disable standard block padding in the EVP calls but then you have to provide your own scheme to ensure the input is a multiple of the block size. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
