File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Best encryption and decryption algorithm using java API. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Best encryption and decryption algorithm using java API." Watch "Best encryption and decryption algorithm using java API." New topic
Author

Best encryption and decryption algorithm using java API.

shan raj
Ranch Hand

Joined: Dec 16, 2008
Posts: 42
Hi,

I would like to have the code for encrypting and decrypting the password and store it in a file. In later when ever it needs I need to decrypt and show it to the user( for Admin).
Could you any one suggest me to best API to use?

Thanks in Advance
Shan
sandeep lokhande
Ranch Hand

Joined: Jan 25, 2010
Posts: 118



this example example may help you.


Thanks and Regards,
Sandeep Lokhande.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39541
    
  27
this example example may help you.

While it's not clear from the question what is meant by "best" algorithm, this example shows how to use DES, which is by now obsolete and insecure to use.

But let's take a step back and ask about the use case: what is the reason for wanting to encrypt a password? If you do that you'll have the encryption key to store, which is pretty much the same as a password; so what have you gained by doing it?

User passwords in particular should not be stored in a form that makes it possible to recover them; see this recent discussion for how to store passwords, and what to do if they get lost.


Ping & DNS - updated with new look and Ping home screen widget
shan raj
Ranch Hand

Joined: Dec 16, 2008
Posts: 42
Thanks for the reference.

While it's not clear from the question what is meant by "best" algorithm


I mean good technique can be used to encrypt/decrypt the username/password which can not be decrypted easily by third party

This is like a password remembering application. To store the username/password in encrypted form in a file and retrieve them when user needs. The username/password is may be email account or windows login and etc.

Can I use the DES since MessageDigest is the one-way algorithm. Correct me if i am wrong or let me know any other API to use it.

Thanks
Shan
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39541
    
  27
This is like a password remembering application. To store the username/password in encrypted form in a file and retrieve them when user needs. The username/password is may be email account or windows login and etc.

That is exactly what you should not do. If the password is lost or forgotten, have the user pick a new one.

Can I use the DES since MessageDigest is the one-way algorithm.

One-way is what you should use; see above. If you're insisting on using encryption for this -which will result in a less secure system- look into algorithms like Triple-DES and AES, both of which are supported by the JCE API. Do *not* use DES. The SecurityFaq has lots more detail about using JCE.
shan raj
Ranch Hand

Joined: Dec 16, 2008
Posts: 42
Thanks you very much for the response.
 
wood burning stoves
 
subject: Best encryption and decryption algorithm using java API.
 
Similar Threads
JDBC book
pagecontext
Anyone got an elegant solution?
Criptography API
Need Help to Create SMS GateWay For my Website