
I'm a bit of an encryption newbie, but need to encrypt sensitive personal data before storing it in a database. I was planning to use AES with CBC, but also wanted to use a salt. I couldn't, however, find a way to do this (other than with BouncyCastle, which my host is not prepared to allow for some reason), so I decided to add one myself by adding a random string to the end of the text to be encrypted:

```java
import java.util.UUID;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex; // Hex is assumed to be Apache Commons Codec

// key: the fixed AES key bytes, defined elsewhere
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
// All-zero IV, the same for every encryption
byte[] iv = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
IvParameterSpec ivspec = new IvParameterSpec(iv);

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

cipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivspec);

String plainText = "This is my plain text";
System.out.println("**plainText: " + plainText);

// "Salt": 8 random characters appended to the end of the plaintext
String saltedPlainText = plainText + UUID.randomUUID().toString().substring(0, 8);
byte[] encrypted = cipher.doFinal(saltedPlainText.getBytes());
String encryptedText = new String(new Hex().encode(encrypted));
System.out.println("**encryptedText: " + encryptedText);

cipher.init(Cipher.DECRYPT_MODE, skeySpec, ivspec);

byte[] decrypted = cipher.doFinal(new Hex().decode(encryptedText.getBytes()));
saltedPlainText = new String(decrypted);
// Strip the 8 appended characters again
plainText = saltedPlainText.substring(0, saltedPlainText.length()-8);

System.out.println("**plainText: " + plainText);
```

I guess I have 3 questions:

  1. Is there a better way of including a salt in my encryption?
  2. In examples similar to this one, it always seems that a random key is generated at the start and the decryption is done immediately after the encryption. This is an unlikely scenario - so I've worked on the basis that I should use the same key each time (seems like a no-brainer but all examples I've seen seem to go random). Can't see how else it would work, but can someone confirm :)
  3. Working with a fixed key, I've noticed that if I keep encrypting the same string I do get a different result but only the end part of the encrypted result changes. Doesn't seem right. How come?

Many thanks, Neil

Neil Richards
  • Could my answer [here](http://stackoverflow.com/a/8828196/589259) be of some help? – Maarten Bodewes Apr 24 '13 at 19:28
  • You should not need bouncy castle for mainstream encryption purposes. The functionality within the Oracle JCA should suffice. If you do need additional Bouncy functionality you can simply compile the lightweight API with your application, installing the Bouncy provider may not work though... – Maarten Bodewes Apr 24 '13 at 19:30
  • Thanks @owlstead, your referenced answer was very helpful. I ended up removing the salt, using 256-bit and the standard JCA :) – Neil Richards Apr 30 '13 at 11:11

2 Answers

Salting is generally something that is done when hashing a password, not when encrypting plaintext; for example, you would use a salt when generating a key from a password using PBEKeySpec. AES's "salt" is its initialization vector.

You are getting the same ciphertext when encrypting the same plaintext because you are using the same initialization vector each time - you need to randomize the IV (using e.g. SecureRandom) or else you need to generate the IV from a counter. The IV is not secret (can be transmitted in plaintext), and the decrypter needs to use the same IV as the encrypter.

Zim-Zam O'Pootertoot
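
The random-IV approach described in this answer, as an added example that is not part of the original post: a fresh IV from `SecureRandom` is generated per encryption and stored in front of the ciphertext, so the decrypter can read it back. The class name `RandomIvCbcDemo`, the `IV || ciphertext` storage layout and the demo key are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class RandomIvCbcDemo { // hypothetical class name
    private static final int IV_LEN = 16; // AES block size in bytes
    private static final SecureRandom RNG = new SecureRandom();

    // Encrypts with a fresh random IV and returns IV || ciphertext for storage.
    static byte[] encrypt(byte[] key, String plainText) throws Exception {
        byte[] iv = new byte[IV_LEN];
        RNG.nextBytes(iv); // the IV is not secret, but must differ per message
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        byte[] ct = cipher.doFinal(plainText.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        return out;
    }

    // Reads the IV back from the first 16 bytes and decrypts the remainder.
    static String decrypt(byte[] key, byte[] stored) throws Exception {
        if (stored.length < 2 * IV_LEN || stored.length % IV_LEN != 0)
            throw new IllegalArgumentException("stored value is not IV || CBC ciphertext");
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
                new IvParameterSpec(stored, 0, IV_LEN));
        byte[] pt = cipher.doFinal(stored, IV_LEN, stored.length - IV_LEN);
        return new String(pt, StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        byte[] key = new byte[16]; // constructed demo key; a real key is created once and reused
        RNG.nextBytes(key);
        String plainText = "This is my plain text";
        byte[] a = encrypt(key, plainText);
        byte[] b = encrypt(key, plainText);
        // Same key and plaintext, different IVs: compare the first ciphertext block of each.
        boolean firstBlocksEqual = Arrays.equals(
                Arrays.copyOfRange(a, IV_LEN, 2 * IV_LEN),
                Arrays.copyOfRange(b, IV_LEN, 2 * IV_LEN));
        System.out.println("first ciphertext blocks equal: " + firstBlocksEqual);
        System.out.println("round trip ok: " + plainText.equals(decrypt(key, a)));
    }
}
```

With the fixed all-zero IV from the question, the first ciphertext block of two encryptions of the same text is identical and only the block containing the appended random characters changes, which is the effect asked about in question 3.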

Why are you adding salt to the text? It won't do anything.

Salt is usually used to hash a password, to defeat rainbow tables. Works something like this: Say user enters a password "qwerty". You generate a 16-byte long random string (rs), add it to the password, and hash the resulting string, then take the hash, add rs to it - and store the resulting string in database.

Evgeni
  • +1 for approximately getting it right, as the number of loops is normally configurable, and that a good PBKDF generally should use something closer to a MAC instead of (just) a hash. – Maarten Bodewes May 03 '13 at 23:05
  • Can you elaborate a bit on that? I've just read a bit on PBKDF, but what does it have to do with MAC? – Evgeni May 04 '13 at 00:46