permaculture playing cards
The moose likes Security and the fly likes Data encription Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Data encription" Watch "Data encription" New topic

Data encription

Joice Jose

Joined: Jun 29, 2005
Posts: 14
My client wants to secure a set of data from all the users, even the programmer should not able to access it at any cost. I was heard about public key/private key data encryption in which any one can access the public key but only the person who know the private key can decrypt the encrypted data. So that at the data entry time, using the public key, we can encrypt the data, store it in database and at the time of retrieval, can ask for private key, decrypt & produce the data. Is this a good solution? Please advice me if any of you are familiar about it. Thank you.
Chetan Parekh
Ranch Hand

Joined: Sep 16, 2004
Posts: 3640
Security forum is ment for this kind of questions.

My blood is tested +ve for Java.
David O'Meara

Joined: Mar 06, 2001
Posts: 13459

Moving to the Security forum.
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
The standard API for encryption in Java is called JCE (some links are here). But if you don't trust your developers, you'll have to go to some length to ensure that they're not inserting code that spies on the cleartext before it's encrypted or after it's decrypted.
Robin Wilson

Joined: May 10, 2006
Posts: 22
Ulf makes a good point - if you don't trust your programmers, I suggest you get a set of programmers that you do trust. Now if you are just using "even the programmers" as a metaphor for "assume the most restrictive access controls", then the answer to your question is _yes_, you want to use PKI.

PKI works on the concept of 2 keys that share a relationship, but I can't derive the other one if I have one of the keys. One key is used to encrypt data, and only the other key may decrypt the data.

When you build your system - you will want the application code to immediately encrypt incoming data. If you have control over the client that is submitting the data (i.e., not a web browser), you might even want the data encrypted from the client side. (Actually, I suppose client side encryption would be _possible_ if you used a JavaScript implementation of some Public Key algorithm, but that would be very slow I'd bet.)

The issue is "how do I show the user what they've entered?" If only you have the private key, once the user submits the data - not even they can decrypt it. (If you share your "private" key with the user, it's not very private any more.)

A good way to do this is to actually sit down and evaluate the level of security your data needs. Rather than doing a blanket "encrypt it all and let God sort it out!" approach, take a more rational view of the data and try to encrypt only what actually needs to be encrypted.

Also, you need to carefully evaluate who should actually be able to see the data. If you only want a single individual to be able to see the data, then PKI will work. If you want more than one individual to see the data, it make require a more thought-out approach.

--<br />Robin D. Wilson
I agree. Here's the link:
subject: Data encription
It's not a secret anymore!