I'm working on a system that requires a database and we would like to encrypt the data in certain table fields. Lets say it is name information (which it isn't really nor is it credit card info so arguments about how credit cards should really be treated/stored/not-stored aren't useful.) Names are variable length but up to some maximum so if you were to store them plaintext you might make field name VARCHAR(32). I have a few questions: 1) block encryption produces ciphertext that is possibly longer than the plaintext. I'm using mcrypt and I don't know which encryption algorithm I am going to use yet. Is it possible to predict what the maximum length of the ciphertext will be? I need to know this so that I can pick a larger VARCHAR(???) that is capable of holding the ciphertext that results from the block encryption of the plaintext (that is at most 32 characters) I would rather be precise and not waste space with something like VARCHAR(2048). 2) If it is predictable could somebody elaborate on the function used to predict the cipher length given a plaintext length of "n"? f(n) == ? feel free to insert other useful variables such as key length or such. 3) If my plaintext is not an even block size in length I assume the ciphertext will have appended padding data to fill the blocks it needs. When I decrypt such a cipher text do I get back my exact plaintext or do I get back plaintext plus the padding that was used? Thank you, Jeff Wiegley -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
