Hello,

I am using Bouncy Castle's implementation of El Gamal to encrypt messages. I am trying to encrypt the same message twice. i.e., encrypt the encryption of a message. The issue I encounter is that the length of the plaintext can be at most keyLength-1, while the length of the message I have after the first encryption round is keyLength (not taking into acount the part of the cipher correcsponding to G^xy). What is the reason for that? The El Gamal cryptosystem is semantically secure, therefore, it is not required to add random values to prevent the situation where the same plaintext results in the same cipher text. Can I control the length of the input and set it to maximum of keyLength? Are there providers who implemented El Gamal with maximum plain text for encryption equal to keyLength? Do you have any other suggestions on how to go about encrypting the encryption of a message?
Thank you in advance,

Shay

The BC API is currently set up to report safe lengths, strictly speaking the message can be any number up to p - 1. You should find that you can feed in a message that size though without an exception been raised as the API is also set up to allow you to ignore the maximum if you really know what you're doing.

Let me know if this fails to work.

Regards,

David

Can you please tell how to encrypt string using elgamal in Bouncy Castle .

ElGamal is really only designed for encrypting keys - you could encrypt a string if it was very short, however the recommended approach is to encrypt the data using a symmetric key, and then encrypt the symmetric key using ElGamal.

Bare in mind as well that with Java encrypting string data needs to take into account the available encodings on both the sending and receiving platform, it's often better just to process char arrays.

Regards,

David