000027360 - Does the RKM 2.1.x+ client produce encrypted data with variable header sizes?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000027360
Applies ToKey Manager Client 2.5.x
Key Manager Client 2.1.x
IssueRKM: encrypted data header size
Encrypted data with header will be larger in size than the original data. I have 13 bytes original data; after encryption, it is 137 bytes. I tried another one with 24 bytes; the encrypted is 153. The question is about the header size. How large it is? Is it fixed length or variable? The difference I got(137-13=124, and 153-24=129) is simply header difference or other?

The 1.5.x client had variable header sizes, but the 2.1.x+ client header has a fixed size of 121 bytes for encrypted data. The differences you are seeing has to do with the block size of the encryption algorithm. AES has a 16 byte block size, so anything encrypted with AES will be padded up to the next multiple of 16 bytes.

For example: If you encrypt 13 bytes, you will get 16 bytes of encrypted data. If you encrypt 24 bytes, you will get 32 bytes of encrypted data.

13: 16 + 121 = 137

24: 32 + 121 = 153

If you encrypt an exact multiple of the block size, 16 bytes of padding will be added.

Legacy Article IDa48957