How Many VarBinary for each Ascii Char Aes Encrypted KeySize=256,BlockSize=256

P

Phil C.

Hi. I'm wanting to encrypt customer name, address, etc. information using
Aes with a KeySize of 256 and a BlockSize of 256. Either for each ascii
character or say for a maximum length 50 characters for a field, how many
bytes will this generate and how do I translate
this into the number of VarBinary ???items that I allocate in my Sql Server
2000 table??

Phil
Boston, MA
 
J

Joe Kaplan \(MVP - ADSI\)

I'd suggest the best thing to do would be to try it out and see. AES uses
padding backed on the block size, so you should get consistent sizes back.
Assuming you are using UTF8 encoding to convert your plain text to a byte
array for encryption, you could potentially get variable sizes of input
data, but if all of the characters you are encoding are ASCII, then that
should be consistent as well.

You might also consider converting your encrypted data to Base64 to store in
the db. That might be easier to deal with than storing as raw binary. It
will be 4/3 the size of the original byte array, but then you can just use
varchar.

Joe K.
 
P

Phil C.

Joe,

Thanks again for the detailed advice.
VarBinary seems also somewhat nebulous to me, as the definition I get from
Robert Viera's
Sql Server 2000 Programming Book says:
"Size in Bytes: 'Varies' ", "Variable length binary data with a maximum
length of
8,000 bytes."

So lets say I use UTF8, for 50 ascii characters I would expect 50 bytes, and
from the above VarBinary
definition, this implies that I could get away with the database column as
VarBinary 1 ???

Phil
 
J

Joe Kaplan \(MVP - ADSI\)

SQL is definitely not my thing and I've never used a varbinary column.

With AES, if you input 50 bytes, you should get an even multiple of 256 bits
(32 bytes) back, so I'd expect it will take 64 bytes to store 50 plain input
bytes. UTF8 should produce 50 bytes for 50 ASCII characters.

I still like the idea of using varchar and coverting your encrypted output
to base64. Then you store in SQL as a simple string. Seems easier to deal
with to me.

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,734
Messages
2,569,441
Members
44,832
Latest member
GlennSmall

Latest Threads

Top