3

First, let me be clear upfront that I am not a crypto expert. I'm having a problem where I will have to use an NFC card. Now, given the limitation of NFC cards' memory sizes, I will need to constrain my system to generate encoded data up to X characters.

Is there a way to limit the number of characters of AES-encrypted data so that it does not exceed a certain limit? It would be easy with hashes, but the data has to be reversible.

Stefano Mtangoo

1 Answer

4

AES operates on 128 bits of data. We can use modes of operation to turn AES (and any block cipher for that matter) into something that can handle longer (or shorter) data. If you want the ciphertext to be limited to X bits (above you said characters, I'm switching this to bits to make things easy), X must be at least as long as the plaintext data (compression may change that, but you must be very careful).

Using a stream-like mode (which would turn AES into a stream cipher) such as CTR mode, the plaintext length and ciphertext length will be the same. Using a mode like CBC, the ciphertext will be slightly larger (at most 255 bits longer).

The two modes I listed above only provide confidentiality guarantees. This can be devastating to security, however. Especially if you are using a stream-like mode. To add integrity, you can use something like HMAC or an authenticated encryption scheme. If at all possible, you should do this as it would prevent entire classes of attacks. Authenticated encryption will make the output of the cipher longer than the plaintext, because it adds an authentication tag to the data.

mikeazo
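An added example, not part of the answer above: a Go sketch of the size budget when an authenticated mode is used on a capacity-limited card. It assumes AES-GCM as the authenticated encryption scheme, a random nonce stored on the card next to the ciphertext, and a capacity counted in bytes; the function names, the 144-byte capacity and the sample record are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

const nonceLen = 12            // GCM's standard nonce size
const Overhead = nonceLen + 16 // nonce + 16-byte authentication tag

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealForCard returns nonce || ciphertext || tag, or an error if that would not fit.
// The ciphertext itself is exactly as long as the plaintext (GCM encrypts in CTR mode).
func SealForCard(key, plaintext []byte, capacity int) ([]byte, error) {
	if len(plaintext)+Overhead > capacity {
		return nil, errors.New("record exceeds card capacity")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceLen)
	if _, err := rand.Read(nonce); err != nil { // a nonce must never repeat under one key
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// OpenFromCard verifies the tag before returning data; a modified record yields an error.
func OpenFromCard(key, record []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil || len(record) < Overhead {
		return nil, errors.New("bad key or truncated record")
	}
	return gcm.Open(nil, record[:nonceLen], record[nonceLen:], nil)
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key; generate a random key in practice
	rec, err := SealForCard(key, []byte("member=4711;tier=gold"), 144)
	fmt.Println(len(rec), err)
}
```

The stored record is always the plaintext length plus 28 bytes, so the largest plaintext that fits is the card capacity minus 28 bytes, before any text encoding such as Base64 is applied.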