patternjavaMinor
DES, Triple DES and AES-128 code in Java
Viewed 0 times
128tripleaesdesjavacodeand
Problem
I wrote below code to crypt and decrypt some bytes in three algorithm with Java
but I do not know if I wrote them in correct mode or not.
Please tell me about truth of code.
First class:
And three other classes:
First Triple DES:
```
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
public class TripleDES
{
SecretKey key;
TripleDES(byte [] rawkey) throws Exception
{
key = readKey(rawkey);
}
public SecretKey readKey(byte[] rawkey) throws Exception
{
DESedeKeySpec keyspec = new DESedeKeySpec(rawkey);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede");
SecretKey key = keyfactory.generateSecret(keyspec);
return key;
}
public byte[] encrypt(byte[] plain ) throws Exception
{
Cipher cipher = Cipher.getInsta
but I do not know if I wrote them in correct mode or not.
Please tell me about truth of code.
First class:
public class Cryptography
{
Cryptography() {}
public byte[] Encryption_AES128(byte[] plain , byte[] key) throws Exception
{
AES128 aes128 = new AES128();
return aes128.encrypt(key, plain);
}
public byte[] Decryption_AES128(byte[] cipher , byte[] key) throws Exception
{
AES128 aes128 = new AES128();
return aes128.decrypt(key, cipher);
}
public byte[] Encryption_DES(byte[] plain , byte[] key) throws Exception
{
DES des = new DES(key);
return des.encrypt(plain);
}
public byte[] Decryption_DES(byte[] cipher , byte[] key) throws Exception
{
DES des = new DES(key);
return des.decrypt(cipher);
}
public byte[] Encryption_TripleDES(byte[] plain , byte[] key) throws Exception
{
TripleDES Tdes = new TripleDES(key);
return Tdes.encrypt(plain);
}
public byte[] Decryption_TripleDES(byte[] cipher , byte[] key) throws Exception
{
TripleDES Tdes = new TripleDES(key);
return Tdes.decrypt(cipher);
}
}And three other classes:
First Triple DES:
```
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
public class TripleDES
{
SecretKey key;
TripleDES(byte [] rawkey) throws Exception
{
key = readKey(rawkey);
}
public SecretKey readKey(byte[] rawkey) throws Exception
{
DESedeKeySpec keyspec = new DESedeKeySpec(rawkey);
SecretKeyFactory keyfactory = SecretKeyFactory.getInstance("DESede");
SecretKey key = keyfactory.generateSecret(keyspec);
return key;
}
public byte[] encrypt(byte[] plain ) throws Exception
{
Cipher cipher = Cipher.getInsta
Solution
You may want to use "DESede/CBC/PKCS5Padding" and "AES/CBC/PKCS5Padding" for added security.
-
"CBC" is chained cipher block. Both AES and DES are symmetric block ciphers, they encrypt only a fixed block of at a time. Basically, CBC makes the cipher retain state from previous blocks as you encrypt the next block. This makes it more difficult to perform known-plaintext attacks on your ciphertext.
-
"PKCS5Padding" causes the cipher to pad the data, including the size of the source block. This allows it to validate the size of the decrypted data, making it more difficult to attack the ciphertext directly.
Your classes are somewhat inconsistent. AES128 doesn't keep any state, requires the key to be passed in, and creates the keys in a different way than the others.
These could probably all be coalesced into a class hierarchy with an abstract base class that took SecureKey and Cipher objects created in the derived constructor. The encrypt/decrypt methods could then be implemented directly in the base class.
-
"CBC" is chained cipher block. Both AES and DES are symmetric block ciphers, they encrypt only a fixed block of at a time. Basically, CBC makes the cipher retain state from previous blocks as you encrypt the next block. This makes it more difficult to perform known-plaintext attacks on your ciphertext.
-
"PKCS5Padding" causes the cipher to pad the data, including the size of the source block. This allows it to validate the size of the decrypted data, making it more difficult to attack the ciphertext directly.
Your classes are somewhat inconsistent. AES128 doesn't keep any state, requires the key to be passed in, and creates the keys in a different way than the others.
These could probably all be coalesced into a class hierarchy with an abstract base class that took SecureKey and Cipher objects created in the derived constructor. The encrypt/decrypt methods could then be implemented directly in the base class.
Context
StackExchange Code Review Q#3798, answer score: 3
Revisions (0)
No revisions yet.