Reputation: 51
Manual implementation of 3DES (academic)
For a course I am taking we are manually implementing the 3DES scheme, which is pretty straight-forward on paper (Two key, with EDE encryption). I have chosen Java as the implementation language but have run into an issue with how it handles encryption/decryption with differing keys. I keep receiving a javax.crypto.BadPaddingException error when attempting to apply the second round (i.e. "decryption" with K2). The default DES Cipher uses PKCS5Padding and I assume this is the problem, but I'm not sure how to work around it. My code for encryption is below (I hope it is not too straight-forward, less I overlooked something simple). Thank you in advance.
Key Definition (pretty basic and I will look to improve it as I've seen some different approaches while browsing around)
KeyGenerator kgen = KeyGenerator.getInstance("DES");
SecretKey sk_1 = kgen.generateKey();
SecretKey sk_2 = kgen.generateKey();
byte[] raw_1 = sk_1.getEncoded();
byte[] raw_2 = sk_2.getEncoded();
spec_1 = new SecretKeySpec(raw_1, "DES"); //key 1
spec_2 = new SecretKeySpec(raw_2, "DES"); //key 2
cipher = Cipher.getInstance("DES"); //standard mode is ECB which is block-by-block w/PKCS5Padding
cipher2 = Cipher.getInstance("DES");
protected byte[] get3DESEncryption(byte[] plaintext) throws Exception{
byte[] output = new byte[plaintext.length];
System.out.println("output len init: " + output.length);
cipher.init(Cipher.ENCRYPT_MODE, spec_1);
cipher2.init(Cipher.DECRYPT_MODE, spec_2);
//first encryption round, key 1 used
output = cipher.doFinal(plaintext);
//second "encryption" round, key 2 used but decrypt run
output = cipher2.doFinal(output);
//third encryption round, key 1 used
output = cipher.doFinal(output);
//return ciphertext
return output;
}
Upvotes: 4
Views: 761
Answers (1)
Reputation: 6095
The problem is that you should not use any padding on second (decrypting) and third (encrypting) steps. When you actually apply EDE you should pad only the plain text.
A transformation is of the form:
"algorithm/mode/padding" or "algorithm" (in the latter case, provider-specific default values for the mode and padding scheme are used).
So, you should explicitly tell it not to use padding on cipher2 & cipher3 (you did not created the latter one yet).
Thus, you should have three cipher objects:
- cipher1 DES/ECB/PKCS5Padding
- cipher2 DES/ECB/NoPadding
- cipher3 DES/ECB/NoPadding
[EXTRA HINT]
For decryption you should initialize the ciphers differently and you should reorder the ciphers as well.
Upvotes: 2
Related Questions
- How do I use 3DES encryption/decryption in Java?
- Java 3DES implementation (academic)
- 3DES key exchange with RSA in Java
- 3DES encrypt from C# to JAVA
- 3DES Encryption Oracle/JAVA equivalent
- How to use three keys with triple des(3des) in Java
- Encryption algorithm about 3DES's ECB
- Decrypting value in 3Des using Java
- 3DES/DES encryption using the JCE - generating an acceptable key
- Creating 3DES key from bytes