Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Ciphertext expansion
open-in-new
<h2 id="reasons-why-ciphertext-expansion-can-occur">Reasons why Ciphertext expansion can occur</h2> <h3>Probabilistic Encryption</h3> <p>Probabilistic encryption schemes, such as the <a href="/facts/Goldwasser%25E2%2580%2593Micali_cryptosystem/qCyjdmt7">Goldwasser-Micali cryptosystem</a>, necessarily produce ciphertexts that are longer than the original plaintexts. This is because the set of possible <a href="/facts/Ciphertexts/16q29Fdv">ciphertexts</a> must be larger than the set of plaintexts to achieve semantic security.<a class="footnote-ref" id="fnref:2" href="#fn:2"><sup>2</sup></a> </p> <h3>Initialization Vectors (IVs)</h3> <p>Many block cipher modes of operation, like <a href="/facts/Block_cipher_mode_of_operation/vIUabB2z">Cipher Block Chaining</a> (CBC), require the use of an Initialization Vector (IV) that is unique for each message. The IV is typically appended to the ciphertext, resulting in expansion.<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a> </p> <h3>Redundancy and Error Correction</h3> <p>Some cryptographic schemes intentionally introduce redundancy or error correction codes into the <a href="/facts/Ciphertext_stealing/qx4HCNeH">ciphertext</a> to protect against <a href="/facts/Tampering_(crime)/CVpB9xyP">tampering</a> or transmission errors. This added data increases the ciphertext size. </p> <h3>Specific Cryptosystems</h3> <p>Certain cryptographic schemes, such as <a href="/facts/Cocks_Identity_Based_Encryption/kssqdqmg">Cocks Identity-Based Encryption</a>, can produce ciphertexts that are hundreds or thousands of times longer than the original plaintext. This extreme expansion is a design choice to achieve the desired security properties.<a class="footnote-ref" id="fnref:4" href="#fn:4"><sup>4</sup></a> </p><p>Ciphertext expansion can be offset or increased by other processes that compress or expand the message, such as data compression or error correction coding. The overall impact on message size depends on the relative strengths of these competing effects. </p> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>Jain, V.K. Cryptography and Network Security. Khanna Book Publishing Co. p. 108. ISBN 9789380016801. <a href="9789380016801" target="_blank">9789380016801</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>"How to solve the problem of FHE ciphertext expansion?". Cryptography Stack Exchange. Retrieved 2024-07-17. <a href="https://crypto.stackexchange.com/questions/103963/how-to-solve-the-problem-of-fhe-ciphertext-expansion" target="_blank">https://crypto.stackexchange.com/questions/103963/how-to-solve-the-problem-of-fhe-ciphertext-expansion</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>"Ciphertext expansion | Semantic Scholar". www.semanticscholar.org. Retrieved 2024-07-17. <a href="https://www.semanticscholar.org/topic/Ciphertext-expansion/506973" target="_blank">https://www.semanticscholar.org/topic/Ciphertext-expansion/506973</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> <li id="fn:4"><p>"How to solve the problem of FHE ciphertext expansion?". Cryptography Stack Exchange. Retrieved 2024-07-17. <a href="https://crypto.stackexchange.com/questions/103963/how-to-solve-the-problem-of-fhe-ciphertext-expansion" target="_blank">https://crypto.stackexchange.com/questions/103963/how-to-solve-the-problem-of-fhe-ciphertext-expansion</a> <a href="#fnref:4" class="footnote-back-ref">↩</a></p></li> </ol>