Question

Is there a standard practice way to send an encrypted packet over a socket and have the receiving end know the length of that packet so they can decrypt it? Is it okay to send the length of the encrypted packet in the clear? Is it better for the receiving end to just read from the socket until there is no more data?


Solution

It's fine to send the length of the encrypted data in the packet. Take a look at the SSL packet structure for an example:

SSL Packet Structure

If you didn't send the length in the packet, and relied on your recipient to get the length after reading the entire stream, "Eve" could do the exact same thing to determine encrypted data length. There is no security loss in specifying the encrypted data length in plain text.

I'm assuming you are trying to send the length of the encrypted data in the clear, not the length of the original data.

You could also take a look at the RFC for TLS to see how they handle encrypted packets: https://www.rfc-editor.org/rfc/rfc5216 (~page 20)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
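
The framing described in the answer, as an added example that is not part of the original question or answer: a cleartext length header followed by exactly that many ciphertext bytes. The 4-byte header, the `MAX_FRAME` limit and the function names are assumptions of this sketch, and the ciphertext is treated as opaque bytes produced elsewhere by an authenticated cipher.

```python
import os
import socket
import struct

HEADER = struct.Struct("!I")   # assumed wire format: 4-byte big-endian ciphertext length, in the clear
MAX_FRAME = 64 * 1024          # assumed upper bound; rejects absurd lengths before allocating


def send_frame(sock, ciphertext):
    """Send one frame: cleartext length header, then the ciphertext."""
    if len(ciphertext) > MAX_FRAME:
        raise ValueError("ciphertext exceeds MAX_FRAME")
    sock.sendall(HEADER.pack(len(ciphertext)) + ciphertext)


def recv_exact(sock, n):
    """Read exactly n bytes; recv() may return fewer than requested."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:  # peer closed before the frame was complete
            raise ConnectionError("stream ended mid-frame")
        buf += chunk
    return bytes(buf)


def recv_frame(sock):
    """Receive one frame and return its ciphertext, ready for decryption."""
    (length,) = HEADER.unpack(recv_exact(sock, HEADER.size))
    if length > MAX_FRAME:
        # The header is untrusted input: bound it before reading the body.
        raise ValueError("declared length exceeds MAX_FRAME")
    return recv_exact(sock, length)


def demo():
    """Send several frames back to back on one stream and recover each one."""
    a, b = socket.socketpair()
    # Constructed stand-ins for ciphertext (random bytes), including an empty frame.
    frames = [os.urandom(5), b"", os.urandom(1000)]
    for frame in frames:
        send_frame(a, frame)
    received = [recv_frame(b) for _ in frames]
    a.close()
    b.close()
    return received == frames


if __name__ == "__main__":
    print(demo())
```

Reading until the socket has no more data only works for one message per connection; the length header is what lets the receiver separate consecutive ciphertexts on the same stream.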