Data size after encryption (AES encryption)

Posted on 2011-03-15
Last Modified: 2012-05-11
We have a problem in hand where we distribute an xml file to our clients. The data has to be visible to the clients on a particular date of the year (Embargo date). Since the data size is going to be large, we allow them to download the xml prior to the Embargo date, but want the data to be visible only on/after this date.

The data has two parts i. Share details which can be visible anytime ii. share portfolio details (group of data elements) which needs to remain secret till the Embargo date.

So we are thinking of encrypting the secret data elements only within the xml and publish the xml file much before the embargo date. On the morning of embargo date, we will reveal the Decryption key and the clients can use that to see the full data.

The clients on their end will download the xml prior to the embargo date and import into their system to prove that the file works fine. The portfolio details will be kept in staging area which show up as junk characters. Once the Decryption key is obtained, they can decrypt the data and see the actual characters.

We have decided to use AES encryption algorithm. The dev platform is .Net. Our objective is the keep the data file as small as possible to facilitate easy download. As I said, we don't want the whole data to be encrypted, only few data elements need to be encrypted.

The questions we are trying to answer is, how much the data size increases after encryption. This will help us take decision on whether
i. we will encrypt each secret data element individually or
ii. concatenate the secret data elements and encrypt it as one field
iii. We have another option, to separate non-secret and secret data into two files

I have seen that if I use 256 bit key, a 1 byte to 15 byte data becomes 24 bytes after incryption, 16 byte becomes 44, 100 byte becomes 152, 1000 bytes become 1344 etc.

Can anyone help me estimating the data size after applying AES encryption. This can be either using 128 bit or 256 bit key size.
Question by:tknayak123
  • 6
LVL 27

Expert Comment

ID: 35136942
How about zipping the files before transfer.

This should reduce the amount of transfer data.

Author Comment

ID: 35137143
Sorry I did not mention that earlier.
The strategy within the enterprise for similar data transfers to the client is, "compress the file just before the transfer." This is the strategy for our Transport layer. This is not a current strategy to compress it, then encrypt and then compress again.

I know, compressing the data after encryption does not help much. So in our new solution when we encrypt and then compress at the Transport layer, it is not going to help much. But we cannot change the strategy for this one requirement.

What I need to understand today is the impact of encryption on data size.

Author Comment

ID: 35139533
I have done further analysis on the increase in the data size. Here is the matrix.

1-15 bytes  becomes 24 bytes
16 bytes      becomes 44 bytes
100 bytes    becomes 152 bytes  (52 % increase)
500 bytes    becomes 684 bytes  (37% increase)
1 kb             becomes 1388 bytes (35.5% increase)
1 mb            becomes  1398124 bytes (33% increase)
>1 mb upto 30 mb, there is a 33% increase.
I have not tried data greater than 30mb.

So there is a significant increase in the data size after encryption using AES-256.
But in some of the forums, it is suggested that there is no increase in file size. One of the examples is here:
LVL 10

Expert Comment

ID: 35139560
You may want to consider using the password protection of Excel 2007 which, according to uses AES 128. As the xlsx-format is compressed anyway I consider this to be a good solution.
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!


Author Comment

ID: 35152876
The use of Excel is not considered due to compatibility reasons and company policy.
The B2B solution of the enterprise operates on certain principles, which cannot be changed easily.

Author Comment

ID: 35152889
Does anyone have experience in data encryption, who can comment on my observations (see the comments above where I have given some statistics where the data size increases after encryption).

Or does anyone contradict my views.

Accepted Solution

tknayak123 earned 0 total points
ID: 35152970
I have found the answer now.

The method to calculate the data size after encryption is described very clearly at this link:

With respect to my observations in the post above where the data size increases after encryption, that is due to applying base64 encoding.

Hope this helps everyone who is searching for this.

Author Closing Comment

ID: 35178863
I found this answer after a lot of search.

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
crm development 2 37
Wpf develop 5 32
Word Template Mail merge with 4 40
Why is "packages element is not declared"? 2 39
As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now