1

I am trying to develop an android app in java which needs encryption. Also I want to use AES-256 for encryption. But when I look a tutorial of it, It always generates a random key. My question is: How can I decrypt a string if I encrypt it with a random key? Also I tried almost every code in web, but none of them worked, so can you provide a AES-256 encryption code with no salt and IV. If I know something wrong, please correct me and teach me the truth.

Details: I am trying to make a password manager app. App has two passwords, first one is the master password that we use for encryption string data. Second one is the passwords that we want to manage. Master password is stored in users mind. And other password will be stored in the app with encrypted version. When user wants to see his passwords he will input his master key to decrypt the encrypted passwords. So how can I do it? And user's master password will be 32 or 64 digit and I don't think we need to generate a random key. Can you show me some way? I am not native english speaker, sorry for my bad english. Thanks for help.

  • If you don't store an encryption key on a device, I recommend that you search for "PBKDF2" or "ARGON2i" - these are key derivation functions that take a user input ("passphrase") and generate the encryption key for you. – Michael Fehr Sep 04 '21 at 08:31
  • But it will not generate a random key everytime, right? –  Sep 04 '21 at 08:40
  • 1
    Right. For e.g. PBKDF2 you need to generate a RANDOM salt for the first time your app is started, for later uses you need to read this salt (no need to hide the salt) and use it as input for the following key derivations. – Michael Fehr Sep 04 '21 at 10:55
  • Thanks bro. You helped me lot. –  Sep 04 '21 at 16:58
  • @MichaelFehr I have a question. If I make salt not generated and ambedded, would it be secure? I want to use PBKDF2 and AES 128 or 256 for encryption. –  Sep 05 '21 at 15:06
  • Very short answer: no. In most (encryption) schemes the random element is essential, so you should not leave this factor out. – Michael Fehr Sep 05 '21 at 17:44
  • maybe related https://stackoverflow.com/questions/68910620/public-private-keys-for-encryption-of-data?noredirect=1#comment121790711_68910620 – gusto2 Sep 05 '21 at 20:28

1 Answers1

1

My question is: How can I decrypt a string if I encrypt it with a random key?

You can't. You need to save the key (somewhere). Then when you want to decrypt the file you restore the key that you used to encrypt the file and use it to decrypt.

Here is an Answer that explains how to save an AES key to a file and restore it: https://stackoverflow.com/a/7176483/139985. Notice that the example encodes the key in hexadecimal before writing it to disk.

However. Anything that entails storing an encryption key (in the clear) in a file in the file system is vulnerable. If someone or something can compromise the security of the OS / file system where the key is held, they can read the file containing the key ... and ... decrypt what ever the key has been used to protect.

A better idea is to use some kind of secure key store / vault.

My advice: if you are write an app that manages passwords for other people, you really, really need to have a deep understanding of how to do this securely. And if you don't, pay a qualified IT security professional to design and implement that aspect of your system for you.

Just reading some tutorial and asking on StackOverflow does not cut it!

Stephen C
  • 698,415
  • 94
  • 811
  • 1,216
  • Hello. I want to use the user's input of 32 or 64 digit key for encryption string datas so I won't store encryption key in app. How can I make it? –  Sep 04 '21 at 08:12
  • Cemal: Please reread the last two paragraphs of my answer. Thanks. (If you don't understand, please get someone to translate my answer for you.) – Stephen C Sep 04 '21 at 08:13
  • Bro you dont get me. I won't store the encryption key in files. It will be stored in user's mind and nowhere else. So I want to understand how to make a program that when user inputs his 64 bit key, he will decrypt the encrypted passwords. How can I make this. –  Sep 04 '21 at 08:16
  • Well ... I frankly do see how a user can memorize a 256 bit AES key. I still think you need to talk to a professional ... who can advise you on how to design a security solution that is going to really be secure. But it you want to ignore that, there is sufficient detail in the Answer I linked to to give you the answer you need. (I assume that you have a way that you can get the user to provide the key ... from their "memory". Use that rather than reading a file.) – Stephen C Sep 04 '21 at 08:20
  • Dont think about how a user can memorize a 256 bit key. Just show me how to make it. –  Sep 04 '21 at 08:23
  • You are not making sense. Either the user provides you with the key, or you store the key. If you store the key, you need to do it securely. I have told you that storing it in a file is insecure ... and that to do it securely you should get an advice from a professional. I don't think I can explain it any clearer than that. – Stephen C Sep 04 '21 at 08:26
  • Can you read my text again please cause I wont store any master key in a file. I will just store the encrypted version of key. Please understand me. –  Sep 04 '21 at 08:28
  • That also doesn't make sense. If you are encrypting the master key so that you can safely store it, then you need a second key to encrypt and decrypt the master key. And you have to store the second key ... somewhere. There is something fundamental about security technology that you are missing. You need to talk to a professional. The problem is not that I don't understand what you are saying. The problem is that you don't understand that the scheme you are proposing is nonsensical (fundamentally insecure). That's what a professional will be able to explain to you. – Stephen C Sep 04 '21 at 09:04
  • I just read Michael Fehr's comment. He is correct. One possible solution would be to generate the master key from a passphrase that the user supplies. But then you have the problem that the user must remember the passphrase ... and if the passphrase is weak, or if they write it down, then it is insecure too. There are other potential solutions that rely on physical security ... but they depend on what your hardware and OS platform are. – Stephen C Sep 04 '21 at 09:08