Encryption /Decryption

Hi Group,

This is the first time I am using encryption/decryption in Java. I have successfully implemented AES algorithm for encrypting the values and storing them in the database. I have also implemented the decrypting protocol. I do the following on the server side.

1. When the user queries for information from the database. I get the encrypted values from the database to the respective Business objects.
2. Then pass the bussiness object to the decryption algorithm to get the original values to viewed by the user.
3. When the user changes any values, I try to encrypt it back and save it in the database.

My Question is, is this the correct/optimal approach while handling encrypted data.

Thanks,

Very carefully.

What are you trying to optimize? Its normal to try to not have to go through the encipher/decipher cycle too many times, as its usually slower than normal access. So look to caches to access first.

The big problem is key management.

After that, remember that the standard algorithms work on arrays of unsigned octets, which are close to Java's byte[] structure. Do not try to work with Strings or other higher level functions, thar be dragons.

Hey

Thanks for the reply. I just trying to check the way I am handling encrypted data is correct or not. For example, when the user logins in, I try to encrypt the data and compre with the database. Then I obtain the complete user data from the database, decrypt the data and store it in the Bussiness objects. I have couple (2 or 3) of there objects in the session.

I encrypt the normal data using AES algorithm and then use base64encoding to convert into a string. Is this good. How can I store the byte[] in the MySQL Database.

I have to check about key management. I never had a look into it.

Thanks,

Rishi Kanth wrote: For example, when the user logins in, I try to encrypt the data and compare with the database.

For the login part, most implementations use a one-way hash or HMAC for the password. You can't decrypt it, you just create the Hash, and compare the hash value from the entered data against what is in the database. Its much safer. Only downside is that you can't tell the user what his/her password is/was. All you can do is assign a new one.

On the more general concept, a fair number of RDBMS systems will handle the over the wire encryption/decryption for you. Its always better to use a well trusted and well implemented version rather than attempting to do your own.

Hey Pat,

thanks for reply. You are suggesting me to use the MYSQL provided AES/DES for encrypting and decrypting data.

Rishi Kanth wrote: You are suggesting me to use the MYSQL provided AES/DES for encrypting and decrypting data.

I'm stating the fact that many RDMBS packages support storing and transmitting the data using AES. No one used DES any more.

If that meets your needs, its much better to use a well tested solution than to roll you own.

Crypto code is complex, and only works as a system. Any weakness in the system can render all the crpyto moot and broken.

In addition to the RDBMS crypto support, most (all?) operating systems support encrypted disk partitions. The OS handles the crypto, but once given the proper keys, all the applications use the disk normally, yet the data is stored enciphered. Its a different approach, still implemented and tested by others.

I don't understand the threat model you are trying to protect against. Its impossible to design a useful crpyto system without knowing the threat model. And any solution has to look at the operational considerations. You have to understand the risks and decide what operational overhead you are willing to accept.

Take the encrypted file system as a design point. Its easy to setup, and works. But someone has to enter the key to unlock the partition. Who is going to go to the data center at 3AM to enter it after a reboot?