Problem in Encryption/Decryption
1 posts in topic
Flat View  Flat View
Older Post First |   Reply to Topic
TOPIC ACTIONS:
 

Posted By:   Muraleedhar_Nelakonda
Posted On:   Monday, May 13, 2002 11:06 AM

Hi I have a problem in Encryption/Decryption.I want to encrypt the password before inserting it into the database.And to decrypt the same after reading it from the database to get the original password. Here is the code I am using.It is working .But if I remove the decrypting code and try to decrypt a password which was encrypted before saving into database it is not returning the original one.It is because the Key is not same as the key used to encrypt.Iam using SUN JCE . Can any one please help me . thanks, Muraleedhar KeyGenerator keygen=null; SecretKey desKey = null; Cipher desCipher = null; Cipher desCipher1 = null;    More>>

Hi

I have a problem in Encryption/Decryption.I want to encrypt the password before inserting it into the database.And to decrypt the same after reading it from the database to get the original password.
Here is the code I am using.It is working .But if I remove the decrypting code and try to decrypt a password which was encrypted before saving into database it is not returning the original one.It is because the Key is not same as the key used to encrypt.Iam using SUN JCE .
Can any one please help me .

thanks,

Muraleedhar



KeyGenerator keygen=null;


SecretKey desKey = null;


Cipher desCipher = null;


Cipher desCipher1 = null;



java.security.Security.addProvider(new com.sun.crypto.provider.SunJCE());




try


{



keygen = KeyGenerator.getInstance("DES","SunJCE");


}

catch (java.security.NoSuchAlgorithmException ne)

{


ne.printStackTrace();

throw ne;


}


desKey = keygen.generateKey();


desCipher = Cipher.getInstance("DES", "SunJCE");


desCipher.init(Cipher.ENCRYPT_MODE, desKey);


String toEncryptString = "Hello";


byte[] cleartext = toEncryptString.getBytes();


byte[] ciphertext = desCipher.doFinal(cleartext);


String encryptedText = new String(ciphertext);


System.out.println(encryptedText);


desCipher1.init(Cipher.DECRYPT_MODE, desKey);


byte[] ciphertext1 = desCipher1.doFinal(encryptedText.getBytes());


String decryptedText = new String(ciphertext1);


System.out.println(decryptedText);

   <<Less
Report | Quote This | Send private message | Reply | Print

Re: Problem in Encryption/Decryption

Posted By:   Christopher_Koenigsberg  
Posted On:   Monday, May 13, 2002 02:57 PM

the Key is not same as the key used to encrypt



Ah, congratulations, you have independently discovered the "key distribution" problem in crypto, as Diffie & Hellmann (?) first categorized it.



Either the secret encrypt/decrypt key must be shared somehow in advance (symmetric, like in DES), so the encrypting and decrypting parties both know it, or else you must use an asymmetric public/private key scheme first, to distribute and share the symmetric (DES) key, which will be used subsequently.



Diffie & Hellmann's advance was the notion of the public/private key pair & algorithm, which could be used as a way to distribute the symmetric (DES) key, safely & securely, without an infinite regress, of requiring further shared secrets beforehand.



It's too computationally expensive usually, to use the public/private key pair for the entire encrypted session, so it's usually used just to distribute the symmetric (DES) key, which can be used for faster encrypt/decrypt operations, once it's shared successfully by both parties.



That is how PGP etc. work -- you encrypt your chosen/generated private secret symmetric (DES) key, using only my public key. You send it to me, and I decrypt it using my private key. Now I have the same private secret symmetric (DES) key, and we can use it from then on, to encrypt and decrypt our further conversation.

Report | Quote This | Send private message | Reply | Print
About | Sitemap | Contact