0

I have coded DES in Java using built-in libraries, but I am not getting the right encryption result. Please explain where I am making a mistake.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.xml.bind.DatatypeConverter;

public class MainClass {

    public static void main(String[] args) {

        String l = "0e329232ea6d0d73";

        byte[] a = DatatypeConverter.parseHexBinary(l);

        try {
            DESKeySpec dks = new DESKeySpec(a);
            SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
            SecretKey sk = skf.generateSecret(dks);
            Cipher c = Cipher.getInstance("DES");
            c.init(Cipher.ENCRYPT_MODE, sk);
            String M = "8787878787878787";
            byte[] b = c.doFinal(M.getBytes());

            System.out.println(new String(b));
            c.init(Cipher.DECRYPT_MODE, sk);
            System.out.println(new String(c.doFinal(b)));
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
    }

}
```

HexaDecimal 16 Digit Key: 0e329232ea6d0d73
Plain Text: 8787878787878787
Encryption : –m^MúÊ'+–m^MúÊ'+©ôËÓ—

Desired Encryption: 0000000000000000

This is what I am saying: the encrypted output in the online calculator is 0000, and mine is completely different:

Image

  • What do you mean by desired result? Is it desired encrypted message or desired decrypted message? – mazhar islam Oct 15 '16 at 23:24
  • desired encrypted message – Syed Khizer Abass Oct 15 '16 at 23:26
  • http://www.emvlab.org/descalc/ I was matching my results with this DES calculator, and it doesn't match mine – Syed Khizer Abass Oct 15 '16 at 23:27
  • 5
    The desired result of decryption is 87878787..., not 00000000... and you don't state any basis for your apparent expectation that the result of encryption will be all zeros either, which is most improbable. Unclear what you're asking. – user207421 Oct 15 '16 at 23:27
  • Just edited it. Sorry. I meant the encryption should be 0000000000 – Syed Khizer Abass Oct 15 '16 at 23:29
  • 2
    1. Don't use DES, it is no longer considered secure, it has been superseded by AES. 2. The result of encryption is an array of bytes, not characters, if you need to display encrypted data use hexadecimal. 3. How do you expect `0000000000000000` as the encrypted result. 4. Do not use ECB mode, it is insecure, see [ECB mode](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_.28ECB.29), scroll down to the Penguin. – zaph Oct 15 '16 at 23:33
  • @EJP Actually, what I am trying to do is to encrypt 87878787... with the above-mentioned 16-digit hexadecimal key, whose encrypted value should be 00000..., which is the right encrypted answer. But when I try to encrypt with my code, it just gives some really different answers, as mentioned above. – Syed Khizer Abass Oct 15 '16 at 23:34
  • @zaph Can you explain how I will do this? And yes, I know it has been superseded by AES already, but I am just working on DES. – Syed Khizer Abass Oct 15 '16 at 23:36
  • 1
    For the third time, why do you think the result should be all zeros? I repeat that this is most improbable. And are these binary zeroes or ASCII zeros? – user207421 Oct 15 '16 at 23:37
  • Why DES since you know it is no longer secure? Is this homework? – zaph Oct 15 '16 at 23:37
  • Yes, I already know that it is not secure. Yes, this is my homework, but my code isn't giving the right answers. Let me share a picture of the online calculator to show what I am trying to say. – Syed Khizer Abass Oct 15 '16 at 23:42
  • @EJP Strangely enough the output **is** hex `0000000000000000`: [DES CALCULATOR](http://extranet.cryptomathic.com/descalc/index?key=0e329232ea6d0d73&iv=0000000000000000&input=8787878787878787&mode=ecb&action=Encrypt&output=) – zaph Oct 15 '16 at 23:46
  • @user2747596 Please consider using variable names that mean something such as `key`, `data`, etc. – zaph Oct 16 '16 at 00:12
  • General advice: **Always use a fully qualified Cipher string.** `Cipher.getInstance("DES");` may result in different ciphers depending on the default security provider. It most likely results in `"DES/ECB/PKCS5Padding"`, but it doesn't have to be. If it changes, you'll lose compatibility between different JVMs. For reference: [Java default Crypto/AES behavior](http://stackoverflow.com/q/6258047/1816580) – Artjom B. Oct 16 '16 at 08:45
  • **Never use [ECB mode](http://crypto.stackexchange.com/q/14487/13022)**. It's deterministic and therefore not semantically secure. You should at the very least use a randomized mode like [CBC](http://crypto.stackexchange.com/q/22260/13022) or [CTR](http://crypto.stackexchange.com/a/2378/13022). It is better to authenticate your ciphertexts so that attacks like a [padding oracle attack](http://crypto.stackexchange.com/q/18185/13022) are not possible. This can be done with authenticated modes like GCM or EAX, or with an [encrypt-then-MAC](http://crypto.stackexchange.com/q/202/13022) scheme. – Artjom B. Oct 16 '16 at 08:46
  • **Don't use DES nowadays.** It only provides 56 bits of security. AES would be much better, because it's more secure with the lowest key size of 128 bits. There is also a practical limit on the maximum ciphertext size with DES. See [Security comparison of 3DES and AES](http://security.stackexchange.com/q/26179/45523). – Artjom B. Oct 16 '16 at 08:46
  • The IV must be unpredictable for CBC mode (read: random). Don't use a static IV, because that makes the cipher deterministic and therefore not semantically secure. An attacker who observes ciphertexts can determine when the same message prefix was sent before. The IV is not secret, so you can send it along with the ciphertext. Usually, it is simply prepended to the ciphertext and sliced off before decryption. – Artjom B. Oct 16 '16 at 08:47

3 Answers

1

The data is: hex 8787878787878787 and needs to be converted to binary.

zaph
1

Change

```java
byte[] b = c.doFinal(M.getBytes());
```

to

```java
byte[] b = c.doFinal(DatatypeConverter.parseHexBinary(M));
```

Besides, use mode ECB in your code (because you marked ECB in your picture). Like:

```java
Cipher c = Cipher.getInstance("DES/ECB/NoPadding");
```

`String.getBytes()` encodes the String into a sequence of bytes using the platform's default charset, storing the result into a new byte array. In your case, that is an array of length 16 containing the values 56 55 56 55..., the ASCII representation of 8787...

What you need is to convert the hex 8787... to binary.

mazhar islam
  • Thanks man for saving my life. It worked for me. OK, I have another question: how would I convert a normal string to hexa? – Syed Khizer Abass Oct 16 '16 at 00:10
  • You mean [Converting A String To Hexadecimal In Java](http://stackoverflow.com/questions/923863/converting-a-string-to-hexadecimal-in-java)? – mazhar islam Oct 16 '16 at 00:13
  • @user2747596 And "platform's default charset" is probably not what you want, especially since it can change and if you don't know what it is you can't communicate that to the person who has to decrypt your text. – Tom Blodget Oct 16 '16 at 00:51
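
The difference between the question's input handling and the answer's, side by side, as an added example that is not code from any poster in this thread: the same key encrypts the 16 ASCII characters of the string and then the 8 bytes the hex digits denote, and both results are printed as hex. The class name `DesHexDemo` and the helpers `fromHex`, `toHex` and `encrypt` are hypothetical; the hand-written hex helpers stand in for `DatatypeConverter`, which is not part of the JDK from Java 11 on.

```java
import java.nio.charset.StandardCharsets;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;

public class DesHexDemo {  // hypothetical class name, not from the thread
    // Decode a hex string such as "0e32..." into the bytes it denotes.
    static byte[] fromHex(String hex) {
        byte[] out = new byte[hex.length() / 2];
        for (int i = 0; i < out.length; i++) {
            out[i] = (byte) Integer.parseInt(hex.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    // Ciphertext is binary data: render it as hex instead of new String(bytes).
    static String toHex(byte[] data) {
        StringBuilder sb = new StringBuilder();
        for (byte b : data) sb.append(String.format("%02x", b & 0xff));
        return sb.toString();
    }

    // Always name mode and padding explicitly; plain "DES" depends on the provider default.
    static byte[] encrypt(String transformation, SecretKey key, byte[] input) throws Exception {
        Cipher cipher = Cipher.getInstance(transformation);
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return cipher.doFinal(input);
    }

    public static void main(String[] args) throws Exception {
        String keyHex = "0e329232ea6d0d73";   // key from the question
        String dataHex = "8787878787878787";  // plaintext from the question
        SecretKey key = SecretKeyFactory.getInstance("DES")
                .generateSecret(new DESKeySpec(fromHex(keyHex)));

        // As in the question: 16 ASCII characters are two identical 8-byte blocks,
        // and PKCS5 padding appends a third block, so the ciphertext is 24 bytes.
        byte[] asciiInput = dataHex.getBytes(StandardCharsets.US_ASCII);
        byte[] wrong = encrypt("DES/ECB/PKCS5Padding", key, asciiInput);

        // As in the answer: 8 decoded bytes, exactly one DES block, no padding added.
        byte[] hexInput = fromHex(dataHex);
        byte[] right = encrypt("DES/ECB/NoPadding", key, hexInput);

        System.out.println("ASCII input: " + asciiInput.length + " bytes -> " + toHex(wrong));
        System.out.println("hex input:   " + hexInput.length + " bytes -> " + toHex(right));
    }
}
```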
0

The input to that online calculator is stated to be hex, which implies a data conversion. You aren't doing any hex conversion in your code: you're just providing base-10 digits in ASCII.

user207421
  • Actually hex-ASCII not base-10 digits and binary is needed. – zaph Oct 15 '16 at 23:52
  • 1
    @zaph It's only 'hex-ASCII', whatever that may be, if the recipient so treats it, which it doesn't. Binary is needed as an input to the encryption, but hex is a representation of binary. Base-10 digits in ASCII are also a representation of binary, but of the wrong binary value in this case. – user207421 Oct 15 '16 at 23:59
  • 1
    It turns out that both the data and key are in hex-ascii. – zaph Oct 16 '16 at 00:13
  • The above answer just solved my issue. You were right, it was the issue of M.getbytes[]; it wasn't in hexa. Thanks for the answers – Syed Khizer Abass Oct 16 '16 at 00:14