0

I would like to use AES256 to encrypt a text, I'd like to use my email test@gmail.com as the key to encrypt it.

This is what I tried:

String key = "test@gmail.com";
SecretKeySpec keySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");

byte iv[] = SOME_RANDOM_32_BYTES;
IvParameterSpec ivSpec = new IvParameterSpec(iv);

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);

byte[] encryptedResult = cipher.doFinal(text.getBytes("UTF-8"));

When I run above code, I got InvalidKeyException: 

java.security.InvalidKeyException: Key length not 128/192/256 bits.

I checked on internet, the reason is my key is not 128/192/256 bits. My question is, how can I generate a 256bits(32bytes) key from my email string test@gmail.com ?

user842225
  • 5,445
  • 15
  • 69
  • 119
  • 1
    possible duplicate of [Java 256-bit AES Password-Based Encryption](http://stackoverflow.com/questions/992019/java-256-bit-aes-password-based-encryption) – Konstantin V. Salikhov Jul 23 '14 at 13:29
  • @KonstantinV.Salikhov , I checked the link you provided, there he was asking how to use his password to generate key, but in the accepted solution, I didn't see where his password is used? – user842225 Jul 23 '14 at 13:36
  • 1
    @user842225 Regarding the link, a local variable `password` is assumed to exist. It is used in the line: `KeySpec spec = new PBEKeySpec(password, salt, 65536, 256);`. Of course, that possible duplicate assumes the password is secret - in your case it wouldn't be. – Duncan Jones Jul 23 '14 at 13:40

3 Answers3

1

You can hash your key string (test@gmail.com) to a 256bit value using SHA256.

MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(yourEmail.getBytes());
byte[] encryptionKey = md.digest();
Toastrackenigma
  • 7,604
  • 4
  • 45
  • 55
Syon
  • 7,205
  • 5
  • 36
  • 40
0

There can be multiple reasons for this. One of them is below. Usually this error comes when you don't have the update policy in your JRE. Java by default provide AES with 128, for 256 we have to put new policies provided by Java.

umesh
  • 312
  • 3
  • 4
  • 15
0

You should not bake your own crypto! (Unless you are very knowledgeable on the matter, that is.)

You should use an existing (and audited) encryption library.

Also, you should not use a guessable string such as your e-mail address as a password. Please, look for advice on how to choose a good password.

Now that I have said this, here are more details.

The proper way to implement password based encryption is to use a KDF (Key Derivation Function) to generate an encryption key from your password. Here are a few KDFs that you can use for this task: Argon2, Scrypt, Bcrypt and PBKDF2.

Key derivation functions include mechanisms to defend against know attacks such as rainbow tables and dictionary attacks, notably a "salt" and a work factor. Modern KDFs such as Argon2 also attempt to prevent attackers from gaining an advantage by using hardware more suitable to the task.

Generally speaking, here how this is used:

  1. Select a work factor (the largest you can afford)
  2. Generate the salt using a CSPRNG
  3. Generate the encryption key and a MAC secret using your chosen KDF with the password, salt and work factor.
  4. Generate an IV (initialization vector) using a CSPRNG
  5. Encrypt the data to be protected using the generated encryption key.
  6. Compute the MAC of the encrypted message using the generated secret.
  7. Serialize the salt, the work factor, the computed MAC and the encrypted data. (Optionally, identifiers indicating what are the chosen KDF, encryption scheme and MAC should also be included if these are not fixed.)

Your encrypted message is the serialized data produced in step 7. Get any of the steps wrong (and that is easy) and your encryption code will probably break in horrible ways.

Perhaps now you get a sense of why you should use an existing library?

Note: the current best practice is to use AEAD (Authenticated Encryption with Associated Data) instead of encrypt-then-MAC as described above. Look this up if you are interested: I am not going to discuss this here.

Erwan Legrand
  • 4,148
  • 26
  • 26