CODEWITHSUNDEEP
javaencryptioncryptographyaes
user842225
user842225

Reputation: 5979

AES-256 encryption: Generate 256bits(32bytes) key from my fixed string

I would like to use AES256 to encrypt a text, I'd like to use my email [email protected] as the key to encrypt it.

This is what I tried:

String key = "[email protected]";
SecretKeySpec keySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");

byte iv[] = SOME_RANDOM_32_BYTES;
IvParameterSpec ivSpec = new IvParameterSpec(iv);

Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);

byte[] encryptedResult = cipher.doFinal(text.getBytes("UTF-8"));

When I run above code, I got InvalidKeyException: 

java.security.InvalidKeyException: Key length not 128/192/256 bits.

I checked on internet, the reason is my key is not 128/192/256 bits. My question is, how can I generate a 256bits(32bytes) key from my email string [email protected] ?

Upvotes: 1

Views: 5192

Answers (3)

Syon
Syon

Reputation: 7391

You can hash your key string ([email protected]) to a 256bit value using SHA256.

MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(yourEmail.getBytes());
byte[] encryptionKey = md.digest();

Upvotes: 2

Erwan Legrand
Erwan Legrand

Reputation: 4395

You should not bake your own crypto! (Unless you are very knowledgeable on the matter, that is.)

You should use an existing (and audited) encryption library.

Also, you should not use a guessable string such as your e-mail address as a password. Please, look for advice on how to choose a good password.

Now that I have said this, here are more details.

The proper way to implement password based encryption is to use a KDF (Key Derivation Function) to generate an encryption key from your password. Here are a few KDFs that you can use for this task: Argon2, Scrypt, Bcrypt and PBKDF2.

Key derivation functions include mechanisms to defend against know attacks such as rainbow tables and dictionary attacks, notably a "salt" and a work factor. Modern KDFs such as Argon2 also attempt to prevent attackers from gaining an advantage by using hardware more suitable to the task.

Generally speaking, here how this is used:

  1. Select a work factor (the largest you can afford)
  2. Generate the salt using a CSPRNG
  3. Generate the encryption key and a MAC secret using your chosen KDF with the password, salt and work factor.
  4. Generate an IV (initialization vector) using a CSPRNG
  5. Encrypt the data to be protected using the generated encryption key.
  6. Compute the MAC of the encrypted message using the generated secret.
  7. Serialize the salt, the work factor, the computed MAC and the encrypted data. (Optionally, identifiers indicating what are the chosen KDF, encryption scheme and MAC should also be included if these are not fixed.)

Your encrypted message is the serialized data produced in step 7. Get any of the steps wrong (and that is easy) and your encryption code will probably break in horrible ways.

Perhaps now you get a sense of why you should use an existing library?

Note: the current best practice is to use AEAD (Authenticated Encryption with Associated Data) instead of encrypt-then-MAC as described above. Look this up if you are interested: I am not going to discuss this here.

Upvotes: 0

umesh
umesh

Reputation: 322

There can be multiple reasons for this. One of them is below. Usually this error comes when you don't have the update policy in your JRE. Java by default provide AES with 128, for 256 we have to put new policies provided by Java.

Upvotes: 0

Related Questions