|
Database Field Size for Encrypted StringsBack
We have a field that is 25 characters in length that a user can specify on a form. We then want to encrypt this string and store the value in a database. The encrypted string of course is longer than 25 characters but I am not sure how big I need to make the field in the database. When I set the EncodingMode to base64 the length seems totally different each time, depending on what has been input. Do you know what the maximum length could be for a 25 character string encrypted using base64 could be? I then tried setting the encoding method to hex which seems to always return the same length. Is this always guaranteed to be the same length or is it just that I have been lucky each time I type in something. Also, is hex and less encrypted than base64, any less secure?
Answer: The encoding of the result (hex or base64) does not affect the security. The strength of 128-bit AES (or Blowfish/Twofish) encryption is unbreakable and the resultant encoding that transforms the encrypted binary data into string form is meaningless in comparison (w.r.t. security). |
