5

I know enough about cryptology to make life difficult for a novice programmer and get laughed at by security experts. So with that in mind, I ask: how secure is javax.crypto.Cipher? I realise that anything can be cracked by someone with a will and a way, but I still would like to know relative details.

The reason I ask is I would like to store account names and passwords that will be sent through my Cryptor class that will encrpyt them, and would like to know if this will do the job. If any one has any literature that I could read, that would be greatly apprieciated.

Thanks ~Aedon

ahodder
  • 11,353
  • 14
  • 71
  • 114
  • Skim through the [Jasypt](http://www.jasypt.org/) documentation. There's a lot of good links floating around in there. – Jeremy Aug 08 '11 at 21:55

3 Answers3

7

Cipher is a generic class to apply an encryption/decryption algorithm. Its security depends on the actual encryption algorithm used (DES, triple-DES, AES, etc.), on the size of its key, and on the block chaining type that you choose.

JB Nizet
  • 678,734
  • 91
  • 1,224
  • 1,255
  • Ah, I see. How can you change the size of the key? I was getting a huge amount of exception flak when I tried to use a 32 byte key for my `SercretKeySpec` and `IvParameterSpec`? I looked through the docs but it wasn't clear. – ahodder Aug 08 '11 at 22:05
  • DES has a 64 bit key of which only 56 bits are actually used. AES has a 128 or 256 bit key. If you are encrypting account names and passwords, I would suggest using AES-128 in CTR mode, that way you will not expand your data with padding. CTR mode does not need padding as CBC mode does. – rossum Aug 08 '11 at 22:38
  • @rossum does GCM need padding? Thanks – Diego Ramos Sep 13 '22 at 16:09
  • 1
    @Diego No, GCM mode does not need padding as it is a variant of stream cipher, not a block cipher. – rossum Sep 13 '22 at 16:44
5

If you intend to store passwords securely, then your requirements are quite different from simply "communicating securely/privately". A Cipher on its own is not enough to protect you. You need to use one of these

in that circumstance. Here are some arguments and links concerning password security.

The punchline is that "normal" encryption (or hashing, too) is just way too fast to hold off serious attackers. You want to artificially slow down the entire process to make it as hard as possible for somebody systematically attacking your application. A single user won't notice the difference between 1 or 500 milliseconds when entering a password but for an attacker this means that in order to break your scheme it will take them 500 times as long on the average - so if it would have taken roughly 1 month to find a valid password before, now it will take 500 months.

Community
  • 1
  • 1
emboss
  • 38,880
  • 7
  • 101
  • 108
0

Since NullCipher is a Cipher - not secure at all.

emory
  • 10,725
  • 2
  • 30
  • 58