4

Okay, I am working on an application and I want to store a file on the user's SD Card, but I want the file encrypted. I've researched several sites that use the DES encryption to encrypt files and data, but I am confused about something. All the examples I'm seen use a line like this:

SecretKey key = KeyGenerator.getInstance("DES").generateKey();

The problem I am having is that I get my key to encrypt and obviously I need the same key to decrypt. But its seems like a paradox because if I store my key in a file or in a database, can't someone get the key and decrypt my file? Maybe I am missing something, but is there a way to generate a key using a supplied pass phrase? And why would someone not want to use a passkey if they must store the generated key somewhere else?

Icemanind
  • 47,519
  • 50
  • 171
  • 296
  • Also consider that if post an app to the Android Market with AES 128 or 256 bit key encryption you must attest that you are in compliance with the law of the land. – JAL May 15 '11 at 02:56

3 Answers3

1

First of all, please don't use DES. It has been broken from many years. Use AES instead.

The problem I am having is that I get my key to encrypt and obviously I need the same key to decrypt.

If you use symmetric cryptography techniques this is it. Otherwise have a look to asimmetric encryption.

But its seems like a paradox because if I store my key in a file or in a database, can't someone get the key and decrypt my file?

Yes, someone could do it.

Maybe I am missing something, but is there a way to generate a key using a supplied pass phrase?

You don't use a the key using a passphrase. Usually you do the following things:

  1. key generation
  2. encrypt the key generated with a symmetric key derived from a passphrase

And why would someone not want to use a passkey if they must store the generated key somewhere else?

There could be several reasons. For example you can store the key in a removable device, and you want simply connect it to your computer for retrieving the key, without entering the passphrase. Having a passphrase has its disadvantage too: passphrase must be remembered, can be guessed, if it's too long probably you'll write it down (and that's pretty the same thing then storing it in a file )

EDIT:

to generate a key from a password have a look at PBKDF2 (related post).

Community
  • 1
  • 1
Heisenbug
  • 38,762
  • 28
  • 132
  • 190
1

I think there are two cases:

  1. You trust the user - let the key be dependent on some input (password / passphrase). and encrypt / decrypt the data with it.

  2. You don't trust the user - then you're in trouble, you might obfuscate the encryption / decryption algorithm, but as long as the mechanism + key is stored on the device, you will have this problem.

This applies to both symmetric and asymmetric encryption.

MByD
  • 135,866
  • 28
  • 264
  • 277
  • I trust the user and I would love to let the key be dependant on a password, but how do I do that? the generateKey() method does not seem to allow a password to be supplied. – Icemanind May 15 '11 at 02:13
  • Once you have generated a key (using the methods you specified) encrypted it with a passphrase you get from the user and keep it in a DB (or wherever you want) I will elaborate in 2-3 hours. – MByD May 15 '11 at 02:21
  • Yeah I got all that. The part I'm unclear about is how to "encrypt it with a passphrase you get from the user". How is this done in Android? – Icemanind May 15 '11 at 03:33
  • Look here for an example: http://www.exampledepot.com/egs/javax.crypto/PassKey.html . Note that this example is for DES, which is not recommended, but it should give you the taste, refer here: http://download.oracle.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html for more, and here: http://www.coderanch.com/t/417428/java/java/Enryption-Java – MByD May 15 '11 at 04:13
0

Yeah, it is possible to use a pass-phrase to encrypt.

But first, dump DES. Use AES-128.

Accept the pass-phrase from the user and and generate the hash using SHA-256 or SHA-512. Trim the hash to 128 bits for AES-128. Refer this post.

Java AES and using my own Key

Use a salt when you can.

Regarding the storage of password part. Store the hash and not the password. This way you can prevent the attacker from generating the key. Ask the user to enter strong password. And don't forget that your salt must be very strong too.

So, in the end, you store only the hash of the password. The password is not stored and the key to decrypt will not be stored(It will be generated at run-time)

Hope it helps.

Community
  • 1
  • 1
Andrew Anderson
  • 457
  • 4
  • 14