0

This is sample code through which I'm trying to read a file and encrypt/decrypt it (if the key is known for correct decryption). The problem is that the code is locked to accept a key of length 8; anything above or below issues a runtime error stating:

Exception in thread "main" java.security.InvalidKeyException: Invalid key length: 11 bytes
at com.sun.crypto.provider.DESCipher.engineGetKeySize(DESCipher.java:373)
at javax.crypto.Cipher.passCryptoPermCheck(Cipher.java:1052)
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1010)
at javax.crypto.Cipher.implInit(Cipher.java:786)
at javax.crypto.Cipher.chooseProvider(Cipher.java:849)
at javax.crypto.Cipher.init(Cipher.java:1213)
at javax.crypto.Cipher.init(Cipher.java:1153)
at custom_enc.Custom_enc.encrypt(Custom_enc.java:50)
at custom_enc.Custom_enc.main(Custom_enc.java:105)
Java Result: 1

Class:

package custom_enc;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.Scanner;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;
public class Custom_enc {

String ekey="";
String algorithm="";
String path1="";
File f;

public void Custom_enc()
{
    System.out.println("Enter the file name with extension and path : \n");
    Scanner s = new Scanner(System.in);
    String path1 = s.nextLine();
    f = new File(path1);
    System.out.println("Enter secret key : \n");
    ekey = s.nextLine();
}

public void encrypt() throws Exception
{
   Custom_enc();
   this.algorithm="DES/ECB/PKCS5Padding";
    FileInputStream fis =new FileInputStream(f);
    f=new File(f.getAbsolutePath()+"_encrypted_file.txt");
    FileOutputStream fos =new FileOutputStream(f);

    byte k[] = ekey.getBytes();
    SecretKeySpec key = new SecretKeySpec(k,"DES");
    Cipher encrypt = Cipher.getInstance(algorithm);

    encrypt.init(Cipher.ENCRYPT_MODE, key);
    CipherOutputStream cout=new CipherOutputStream(fos, encrypt);
    byte[] buf = new byte[1024];
    int read;

    while((read=fis.read(buf))!=-1) //reading data
        cout.write(buf,0,read); //writing encrypted data

    fis.close();
    cout.flush();
    cout.close();
    System.out.println("Encryption Done!!");
    //exit();
}

public void decrypt() throws Exception
{
    Custom_enc();
    this.algorithm="DES/ECB/PKCS5Padding";
    FileInputStream fis =new FileInputStream(f);
    f=new File(f.getAbsolutePath()+"_decrypted_file.txt");
    FileOutputStream fos =new FileOutputStream(f);

    byte k[] = ekey.getBytes();
    SecretKeySpec key = new SecretKeySpec(k,"DES");

    Cipher decrypt = Cipher.getInstance(algorithm);
    decrypt.init(Cipher.DECRYPT_MODE, key);
    CipherInputStream cin=new CipherInputStream(fis, decrypt);

    byte[] buf = new byte[1024];
    int read=0;

    while((read=cin.read(buf))!=-1) //reading encrypted data
    {
        fos.write(buf,0,read); //writing decrypted data
    }

    cin.close();
    fos.flush();
    fos.close();

    System.out.println("Decryption Done!!");
    //exit();

}

public static void main(String[] args) throws Exception, java.security.InvalidKeyException {
    Custom_enc obj = new Custom_enc();
    System.out.println("Enter your choice : \n 1 For Encryption \n 2 For Decryption");
    Scanner s1 = new Scanner(System.in);
    int choice = s1.nextInt();
    if(choice==1)
    {
        System.out.println("You've chosen to Encrypt\n");
        obj.encrypt();
    }
    else if(choice==2)
    {
        System.out.println("You've chosen to Decrypt\n");
        obj.decrypt();
    }
    else
    {
        System.out.println("Invalid Choice, Try again...");
    }
}

}
Maxim Kolesnikov
  • Please note that DES has been broken for years! Its 56-bit keyspace can be brute-forced in less than a week (see http://www.copacobana.org/ for more info). Also, the ECB mode is the worst block cipher mode available; see the Tux picture that is clearly visible even in the encrypted image in https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_codebook_.28ECB.29 . I'd advise you to get all your encrypted data out of the format, throw the code away, and instead use GPG to encrypt your valuable data. (@Kayaman) – Perseids Apr 12 '14 at 10:37
  • Welcome to stackoverflow, rajivsatyan. – Maarten Bodewes Apr 12 '14 at 16:19

2 Answers

0

Yes, DES uses a 64-bit key (although the effective key size is only 56-bits). 64-bits is 8 bytes, so that's your key length.

You can, for example, use hashing to shrink a longer password to 64 bits, and go with that.

Kayaman
  • Can you please suggest the code, I'm new to this Cryptography and my Project guide is insisting to add the encryption and decryption standards to my project. – rajivsatyan Apr 12 '14 at 07:41
  • You need to find a way to convert a password into 8 bytes. One way to do this would be to hash the password, then take the first 8 bytes of the hash to be used as the key. I'm not going to write the code for you, since it's your project. There's plenty of explanations for hashing on the internet. – Kayaman Apr 12 '14 at 07:48
  • @rajivsatyan 8 bits of those 64 bits are actually parity bits. Depending on the implementation, they are either ignored or will cause the key to be rejected if they are wrong. – Perseids Apr 12 '14 at 10:39
0

The problem is that you are confusing a password or pass phrase and a key; a password is not a key.

It is however possible to derive a password from a key. You should use a Password Based Key Derivation Function (PBKDF) to do so. There are a few of them that are safe to use: scrypt, bcrypt and PBKDF2. The latter is also present within the standard Oracle implementation of Java. It is part of the functions to support Password Based Encryption (PBE) in Java, as specified in the PKCS#5 standard.

See for instance the code in this question on how to utilize PBKDF2. Note that you have to create a salt (a secure random value of 64 bits or more) and store it with your ciphertext.

Community
Maarten Bodewes
  • This is only a direct answer to your question. Your code is *not cryptographically safe* as already concluded by @Perseids. Using PGP or GPG may indeed significantly increase security. – Maarten Bodewes Apr 12 '14 at 16:17