Win a copy of Get Programming with Java (MEAP only) this week in the Beginning Java forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Bear Bibeault
  • Knute Snortum
  • Liutauras Vilda
Sheriffs:
  • Tim Cooke
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Ron McLeod
  • Ganesh Patekar
  • salvin francis
Bartenders:
  • Tim Holloway
  • Carey Brown
  • Stephan van Hulst

Length of Encrypted String Longer than Original String... Help  RSS feed

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear Sirs et Madames,
I am trying to create a Java application which takes a userID and then encrypts it. The code am using is just something I picked up off the net, I have NO experience with encryption. The problem is that even though the string to be encrypted should (and always will be) 10 characters long, the result is always 24 characters. Considering that the encrypted result will be transformed into a barcode, that creates a rather large barcode, unsuitable for my needs. Am sure there must be a way whereby I encrypt a 10 character string and get back a ten character encrypted version? The code I have is as below:



From what I understand, a triple DES key has to be a 24 byte array. What are the alternatives so that the encrypted version I get back is of the same number of characters (or less, if possible) than the original text?

Also, I am not sure as to how well suited this solution is to my problem. Will different Java Virtual Machines produce different keys, meaning that multiple installations will not be able to reproduce the same encryption given the same keyString?

Is there a simpler solution, considering that the only thing I desire is that the USER_ID is obfuscated to the human eye (doctors, nurses, prying eyes cannot tell WHO these blood results belong to, only the system can). In which case is there not a simple(r) obfuscation algorithm I could use?



Thanks in advance,
Tumaini
 
Saloon Keeper
Posts: 5134
135
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
For something as sensitive as medical data, onfiscation won't do - you must use encryption. Make sure you understand all the legal requirements of handling medical data.

Encryption algorithms work the same across JVMs. As long as you're using the same key, it should work on whichever JVM the code runs on.

Is there an actual problem with handling 24 characters? Since you're using base-64 on the result, it will always be longer than what you started with.

Lastly, Triple-DES has fallen out of favor as it's kind of dated. Consider using AES instead: http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html
 
The first person to drink cow's milk. That started off as a dare from this tiny ad:
Programmatically Create PDF Using Free Spire.PDF with Java
https://coderanch.com/wiki/703735/Programmatically-Create-PDF-Free-Spire
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!