Can some point me in the right direction?
I'd like to use JCE/JCA to derive a new key from a master secret key, How can I achieve this?
Regards.
Asked
Active
Viewed 7,459 times
1 Answers
6
The JCA provides standard password-based key derivation functions like PBKDF2 defined in PKCS#5 v2.0 and RFC 2898. This algorithm creates some random material from a master secret (a password) in order to generate a key suitable for a given cipher.
public byte[] deriveKey(String password, byte[] salt, int keyLen) {
SecretKeyFactory kf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
KeySpec specs = new PBEKeySpec(password.toCharArray(), salt, 1024, keyLen);
SecretKey key = kf.generateSecret(specs);
return key.getEncoded();
}
public byte[] encrypt(String password, byte[] plaintext) {
byte[] salt = new byte[64];
Random rnd = new Random();
rnd.nextByte(salt);
byte[] data = deriveKey(password, salt, 192);
SecretKey desKey = SecretKeyFactory.getInstance("DESede").generateSecret(new DESedeKeySpec(data));
Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, desKey);
return cipher.doFinal(plaintext);
}
-
2Good sample. But keep in mind, that in this case (random salt) you need to remeber the salt for the decryption method. Because otherwise it will get hard to reverse it. One option woul be to return salt + '$' + cipher.doFinal(plaintext) (or use a fixed salt). – eckes Jun 01 '11 at 16:15
-
1If you're deriving a key from a _master key_, as opposed to deriving a key from a _password_, then you should use a _key derivation function_ such as HKDF, not a _password-based key derivation function_ such as PBKDF2. That's not insecure per se, but it's massively inefficient. Furthermore you should not use DES with CBC, that part is seriously obsolete (and already was in 2010) and insecure. – Gilles 'SO- stop being evil' Apr 04 '19 at 21:36