GeeCON Prague 2014*
The moose likes Security and the fly likes RSA encryption in J2ME Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Engineering » Security
Bookmark "RSA encryption in J2ME" Watch "RSA encryption in J2ME" New topic
Author

RSA encryption in J2ME

Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Hi,

I was trying RSA encryption in J2ME. But whatever algorithm I give in cipher.getInstance() throws me and NoSuchAlgorithmException.

The code I am trying is



I tried RSA/None/NoPadding too.

It throws

java.security.NoSuchAlgorithmException: RSA/ECB/PKCS1Padding
at javax.crypto.Cipher.getInstance(Cipher.java:488)
- red.RSAEncrypt.<init>(RSAmid.java:98)
- red.RSAmid.connect(RSAmid.java:80)
- red.RSAmid.commandAction(RSAmid.java:64)
at javax.microedition.lcdui.Display$ChameleonTunnel.callScreenListener(), bci=39
at com.sun.midp.chameleon.layers.SoftButtonLayer.processCommand(), bci=62
at com.sun.midp.chameleon.layers.SoftButtonLayer.commandSelected(), bci=14
at com.sun.midp.chameleon.layers.MenuLayer.pointerInput(), bci=150
at com.sun.midp.chameleon.CWindow.pointerInput(), bci=80
at javax.microedition.lcdui.Display$DisplayEventConsumerImpl.handlePointerEvent(), bci=52
at com.sun.midp.lcdui.DisplayEventListener.process(), bci=346
at com.sun.midp.events.EventQueue.run(), bci=130
at java.lang.Thread.run(Thread.java:723)
java.lang.NullPointerException: 0
- red.RSAEncrypt.encrypt(RSAmid.java:107)
- red.RSAmid.connect(RSAmid.java:81)
- red.RSAmid.commandAction(RSAmid.java:64)
at javax.microedition.lcdui.Display$ChameleonTunnel.callScreenListener(), bci=39
at com.sun.midp.chameleon.layers.SoftButtonLayer.processCommand(), bci=62
at com.sun.midp.chameleon.layers.SoftButtonLayer.commandSelected(), bci=14
at com.sun.midp.chameleon.layers.MenuLayer.pointerInput(), bci=150
at com.sun.midp.chameleon.CWindow.pointerInput(), bci=80
at javax.microedition.lcdui.Display$DisplayEventConsumerImpl.handlePointerEvent(), bci=52
at com.sun.midp.lcdui.DisplayEventListener.process(), bci=346
at com.sun.midp.events.EventQueue.run(), bci=130
at java.lang.Thread.run(Thread.java:723)


But the algorithm I have given is correct as per the statements given here

"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
--- Martin Fowler
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
But the algorithm I have given is correct as per the statements given here

That documentation pertains to JSE 7, a rather different JRE than JME (which may therefore not support the same ciphers). I don't actually see any hint of JCE in the various Java Mobile javadocs linked from http://docs.oracle.com/javame/mobile/mobile.html; how are you adding JCE to your JME environment?


Ping & DNS - my free Android networking tools app
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
The only standalone implementation of JCE I'm aware of (JCE 1.2.x, available at http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-java-plat-419418.html) does not support RSA according to its documentation. You may have to resort to a 3rd party implementation like BouncyCastle.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Even if the algorithm exists the statement
will fail since an RSA key cannot be generated using a SecretKeySpec !
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Ulf and Richard,

Thanks for the clarification. As I mentioned in my earlier post I am not able to obfuscate the jar. But the only solution I find to use classes as Secure Random,Private Key is to obfuscate the jar file. I obfuscated my jar using Netbeans and I installed Pro guard separately and I tried with that too. Nothing worked. The exception NoClassDefFound hasn't been removed.

Richard,

I found out that SecretKeySpec can't be used for RSA later. Sorry now I use Public Key. I generate the key pair in a different java class in a server. I pass the key through Data IO Streams as byte[] but I am not able to convert a byte[] to a public key. How can I solve this? Give me some hints I will try.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
I'm not sure what the obfuscation issue has to do with the problem described above. I asked about the JCE implementation you are using...?

Regarding the public key issue, if you have questions about code, then you should post a relevant excerpt of that code so that we know what you're talking about.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Ulf,

I am not using any JCE implementations separately. I use Netbeans, so what ever comes with it I am using. I am sorry but I don't know how to get its details.

Regarding the code, its as follows:



I need to convert the above said byte[] dds to be a public key.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
I am not using any JCE implementations separately. I use Netbeans, so what ever comes with it I am using.

It's possible that NetBeans uses the JSE class libraries (instead of the JME class libraries) for this, so you should make sure that whatever JME environment you're planning to deploy this in has the JCE libraries, or can support an externally added one like JCE 1.2 or BouncyCastle.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

You don't seem to have listened to anything I have written about creating good code ! In your code fragment

your variable names are atrocious and your exception handling allows one to continue even though if anything fails it is a system error. Both points I covered in your other thread!

Since we have no idea how you generated the key bytes from the RSA public key (you do only export the public key and not the private key don't you!) we have no idea how those bytes should be converted to an RSAPublicKey!
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Ulf,

I am using Bouncy Castle for RSA. Bouncy castle has Secure Random and Big Integer classes under java.security.SecureRandom and java.math.BigInteger. This is why they have asked people using BC in J2ME to go for obfuscation.

Richard,

Sorry about the variable names. I just type what ever keys my fingers are on for that time. And as for handling System errors, I have said as you have done but as this is a sample code, I didn't implement it.

The server side key generation is as given below

Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:Ulf,

I am using Bouncy Castle for RSA. Bouncy castle has Secure Random and Big Integer classes under java.security.SecureRandom and java.math.BigInteger. This is why they have asked people using BC in J2ME to go for obfuscation.

I really really don't understand. Why does using BC in j2ME require obfuscation?

Richard,

Sorry about the variable names. I just type what ever keys my fingers are on for that time. And as for handling System errors, I have said as you have done but as this is a sample code, I didn't implement it.

The server side key generation is as given below



This is pretty much straight out of the box but how do the parameters of your other code relate to this? Without knowing this we would only be guessing.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
Why does using BC in j2ME require obfuscation?

Because in order to use JCE several classes in the java.* and javax.* packages need to be added that are not present in JME. That is not possible directly due to JRE security restrictions on this, but it does work when the classes are obfuscated. But let's please not discuss that in this topic, as it has nothing to do with the issue at hand.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Ulf Dittmer wrote:
Why does using BC in j2ME require obfuscation?

Because in order to use JCE several classes in the java.* and javax.* packages need to be added that are not present in JME. That is not possible directly due to JRE security restrictions on this, but it does work when the classes are obfuscated. But let's please not discuss that in this topic, as it has nothing to do with the issue at hand.


OK - still seems peculiar but I will let it pass; presumably one changes the package structure so that the security manager is does not object. Assuming it exists for J2ME, it sounds to me like the OP should use the BC lightweight API.

Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

I use Data I/O streams of servlet to send these data to my jme device. This key is generated in a separate java file. I send it to servlet by calling the method and then send it through the output stream.

Ya light weight version of BC is used for JME. It contains only less classes.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:. This key is generated in a separate java file. I send it to servlet by calling the method and then send it through the output stream.


But in what format ? As a Java Serialized object? As a Certificate? As the bytes of the getEncoded() method? Or what?
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

I have given you my key generation code above. I pass that as a String to servlet and then pass as byte[] using writeBytes() method of DataOutputStream.

The code:

Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

We have SecretKeySpec while using AES to get the byte[] and change it to key, right? Is there something similar to this for getting RSA public and private keys?
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:Richard,

I have given you my key generation code above. I pass that as a String to servlet and then pass as byte[] using writeBytes() method of DataOutputStream.

The code:



The method generateRSAkeypair() you have posted does not generate a String so we still don't know the format of your key!
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:Richard,

We have SecretKeySpec while using AES to get the byte[] and change it to key, right? Is there something similar to this for getting RSA public and private keys?


If you are using the JCE in the client then in your server you can use the getEncoded() method of the RSAPubllicKey and pass the bytes of that to your client. Your client can then use


If you are using the BC lightweight in the client then in your server you generate the byte of the modulus and exponent using

and ship the content of the two byte arrays to your client. In your client you then use

to generate the RSA public key in a form suitable for use in BC lightweight encryption.

You do not need to pass the private key to the client.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,



This methods returns String dd which is in the format 'PrivateKey'@#'PublicKey' which is then stored in String 'r' of the servlet program . That string is split with the delimiter @# and given to dos.write() methods.

I am not able to use the getEncoded() method with the RSAprivkey and RSApubkey given in the above program. That is why I am sending it as string to servlet.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:Richard,



This methods returns String dd which is in the format 'PrivateKey'@#'PublicKey' which is then stored in String 'r' of the servlet program .

No it doesn't ! It returns something along the lines of

org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters@1ce58c1@#org.bouncycastle.crypto.params.RSAKeyParameters@250179

It is obvious that you cannot reconstruct the private and public key pairs from this!

Never ever ever ever use the toString() method of an object, and you are doing in the above code, to serialize the object.


That string is split with the delimiter @# and given to dos.write() methods.

I am not able to use the getEncoded() method with the RSAprivkey and RSApubkey given in the above program. That is why I am sending it as string to servlet.


This whole dialogue is not working. I never know from one moment or the next whether you are using the JCE or the BC lightweight API. I would suggest that you use the BC lightweight API for everything you can. The problem then is that though I have used the lightweight API extensively I have never used J2ME so I do not know what restrictions it imposes.

Note - you should not send the RSA private key to the client. If you do this it makes a nonsense of the security since you are passing the key in the clear so anyone intercepting the client-server communication will find it easy to decrypt. All you need to send is the public key then the client can encrypt with that and only the server can decrypt. You do realise that your communication will not be authenticated ! You will have two people who can't prove who they are talking very securely.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

I am using BC lightweight API. My key generation code using BC was from Enterprise J2ME written by Michael Juntao Yuan. I am doing encryption for messages currently. I don't want clients to handle key generation, so I generate both keys in server and pass it to the client. To be more clear.

Client 1 sends message 1 to client 2. What I do is

# Generate key pairs for client 1 in server and send both the keys to client 1.

# He uses the public key to encrypt message 1 and sends the message and public key to client 2 through server.

# Similarly I generate key pairs for client 2 in server and send both the keys to client 2.

# He uses his private key to decrypt the message.

In this scenario, if I have the private key to decrypt and decrypt the message sent by client 1 to client 2, then raw data will be sent to client 2 from server. Now what is the use of encrypting the message here?

This is why I pass the private key to the respective users.

I tried the following programs for key generation and receiving public keys using BC light weight API but this throws InvalidKeySpecException.

Key Generation:



The code for receiving key is



Stack trace is
java.security.spec.InvalidKeySpecException
at com.sun.satsa.crypto.RSAPublicKey.<init>(), bci=188
at java.security.KeyFactory.generatePublic(KeyFactory.java:327)
- red.RSAEncrypt.<init>(RSAmid.java:116)
- red.RSAmid.connect(RSAmid.java:91)
- red.RSAmid.commandAction(RSAmid.java:73)
at javax.microedition.lcdui.Display$ChameleonTunnel.callScreenListener(), bci=39
at com.sun.midp.chameleon.layers.SoftButtonLayer.processCommand(), bci=62
at com.sun.midp.chameleon.layers.SoftButtonLayer.commandSelected(), bci=14
at com.sun.midp.chameleon.layers.MenuLayer.pointerInput(), bci=150
at com.sun.midp.chameleon.CWindow.pointerInput(), bci=80
at javax.microedition.lcdui.Display$DisplayEventConsumerImpl.handlePointerEvent(), bci=52
at com.sun.midp.lcdui.DisplayEventListener.process(), bci=346
at com.sun.midp.events.EventQueue.run(), bci=130
at java.lang.Thread.run(Thread.java:723)


And another problem here is J2ME doesn't support PKCS8 padding used in Privatekey.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:
This is why I pass the private key to the respective users..


That totally defeats the object of the encryption ! You must not send the private key anywhere. A private key is PRIVATE to the person generating it and must not be revealed to anyone else EVER! If it is revealed then it must never ever ever be used again.

As I said, forget the JCE and use only the BC lightweight API and ship the bytes of the modulus and public exponent then you won't need PKCS8 BUT BUT BUT it sounds to me like you need to use Diffie Hellman rather than RSA to generate a securely shared AES secret key.

I can't condone creating a totally insecure system so until you stop sending the private key anywhere I shan't respond again.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

Ok. I won't send private keys here after we shall close this topic. I am gonna use Diffie Hellman but I need some clarifications

Do you consider Diffie Hellman to be safe?

If so can you give me some explanation.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:
Ok. I won't send private keys here after we shall close this topic. I am gonna use Diffie Hellman but I need some clarifications

Do you consider Diffie Hellman to be safe?


My opinion doesn't matter but the rest of the world consider DH safe and it is used in SSH for key exchange. SSH is generally considered to be the safest point to point communication that does not use secure sockets . All the classes you need are in the BC lightweight distribution but it does use BigInteger so you still have to deal with that problem. It still does not deal with your authentication problem; SSH gets round this by using RSA or DSA authentication (one does not ship the DSA or RSA private key for authentication but to make it secure the key does have to be generated on the client).

Since I don't know what your application is doing (though I can make a guess) I can't be sure that DH is what you need. Since you seem to be connecting to an HTTP server have you considered using HTTPS; assuming HTTPS sockets are available in J2ME then this would solve most of your problems without the need for explicit encryption.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

I am not familiar with SSH. I will try and learn about it. But can you provide me a full example which provides implementation of the full DH algorithm. I can find code snippets on key agreement and so on but I can't get the full implementation example. I assure you that I won't copy the code but I need it as an example to try and implement my code. Provide me if you have one.

I am using HTTPS connection in my original program. Since I am testing these encryption I am using HTTP. My project is a simple application which is like WhatsApp or Viber. But I have to include encryption for the messages in it. So I am working on encryption that is it.

P.S: HTTPS connection is available in J2ME.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
Partheban Udayakumar wrote:I am not familiar with SSH. I will try and learn about it.

Don't. I think you have enough to learn as it is. Richard merely used that as an example of how DH is considered secure, but it has nothing to do with the problem at hand.

But can you provide me a full example which provides implementation of the full DH algorithm.

No, that's not how this site works. Besides, it's dangerous to implement security stuff that you don't understand - it's way too easy to implement insecure systems (as was demonstrated when you wanted to communicate private keys).

HTTPS connection is available in J2ME.

Excellent. HTTPS provides encryption, so just use that for the connection, and be done with it.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:
I am not familiar with SSH. I will try and learn about it.

You don't need to. I was just citing this as an example of where DH is used.

But can you provide me a full example which provides implementation of the full DH algorithm. I can find code snippets on key agreement and so on but I can't get the full implementation example. I assure you that I won't copy the code but I need it as an example to try and implement my code. Provide me if you have one.

I don't have a compact example of DH using the lightweight API. For my SSH server and client I have generated a set of convenience wrappers which I don't want to release at this time. Plenty of examples are available through Google.

I am using HTTPS connection in my original program. Since I am testing these encryption I am using HTTP. My project is a simple application which is like WhatsApp or Viber. But I have to include encryption for the messages in it. So I am working on encryption that is it.

P.S: HTTPS connection is available in J2ME.


Presumably this is a schoo/college assignment. You have already done AES encryption so assuming you have used a password based logon procedure then why not use HTTPS in the logon/authentication and then use a digest of the user's password as an AES encryption key and then drop back to HTTP after authentication?
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

Presumably this is a school/college assignment.


OMG. No,No,NoI am working in a company. I am not strong in java, so I appear to be dumb Sorry for that.

You have already done AES encryption so assuming you have used a password based logon procedure then why not use HTTPS in the logon/authentication and then use a digest of the user's password as an AES encryption key and then drop back to HTTP after authentication?


I have to see what are all the encryption techniques that can be applied to this project and then report back. They will decide on it and they will tell me which one to use.

Really Richard, do I look so dumb for a professional
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

I don't have a compact example of DH using the lightweight API. For my SSH server and client I have generated a set of convenience wrappers which I don't want to release at this time. Plenty of examples are available through Google.


I see only Key generation in DH algorithm when I Google it. Can you provide me some links which show encryption of strings using DH algorithm?


Ulf,

Sorry just now noticed you post. Thanks for the advice But I would like to explore the different encryption techniques which can be implemented in J2ME.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:
I see only Key generation in DH algorithm when I Google it. Can you provide me some links which show encryption of strings using DH algorithm?


You seem to be missing the point. DH is only used for key generation and sharing; not for encryption! You would then use the generated (and shared key) with something like AES which you already have experience of.

In your position first of all I would get the key generation and exchange working. Once that is working I would worry about the encryption.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

I get it now Thanks for the clarification. Apart from DES, AES, tripleDES, Blowfish, Twofish. What are the other reliable algorithms I can use for encryption and decryption of data?
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:
I have to see what are all the encryption techniques that can be applied to this project and then report back. They will decide on it and they will tell me which one to use.


That is a ridiculous brief to be given to a person who has no cryptographic experience. I have been doing cryptography for many years and would not be able to do this. Cryptography is a very very big and complex topic and creating secure systems is very difficult. I have worked on several secure project and have always insisted that before we start implementation we get the design looked at by a real security consultant. I can normally implement the code but I don't have the general cryptographic and security experience to be classed as an expert.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:Richard,

I get it now Thanks for the clarification. Apart from DES, AES, tripleDES, Blowfish, Twofish. What are the other reliable algorithms I can use for encryption and decryption of data?


I would forget DES, trippleDES, Blowfish and Twofish. AES is the standard algorithm to use for block based encryption. Once you have AES working the rest of these are just minor variations.

Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

Thanks for the help and sorry I am a total newbie to java security.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

The more I think about your brief the less I like it. Since you are working with a Web server it makes no sense to try to improve on using HTTPS. HTTPS is the standard and ,apart from one hiccup a few years back, is thought to be secure. I would be very unhappy using a security system with HTTP that used a home grown approach. HTTPS would allow you to have simple password based authentication or to use certificate based authentication and all the encryption would be implicit. Software maintenance problems would be minimal since you would have very little code that is not part of standard libraries.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42031
    
  64
Partheban Udayakumar wrote:I am a total newbie to java security.

With all due respect, then you probably should not be in charge of this, even if someone else makes the decisions. It is very easy to put insecure systems in place if you don't exactly know what you're doing.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Ulf,

If all the security works are done by experts when and how can the freshers learn about it. The application will be rigorously tested for security threats before giving it to the client so you don't have to be worry about security problems.

Richard,

I get your point. I will propose your point along with the report I send. Thanks once again for the guidance.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1064
    
  10

Partheban Udayakumar wrote:
If all the security works are done by experts when and how can the freshers learn about it.

By working as I did under the guidance of a security expert but that did not make me an expert. If you want to see what happens when people don't do security properly then follow this Adobe fiasco link.

The application will be rigorously tested for security threats before giving it to the client so you don't have to be worry about security problems.

I will guarantee it won't be! No disrespect to you but the fact that your company is allowing you, who by your own admission know little about security, to evaluate techniques so as to allow them to choose a security approach means that they are not security savvy. The testing will be minimal and probably limited to making sure that the clearrtext->ciphertext->cleartext transformations work. Most none security experts erroneously believe that once they encrypt the data they have a secure system. You had that notion when you wanted to send RSA private keys from the server to clients. There is much much more to security than encryption!
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 263

Richard,

What can I say?
 
GeeCON Prague 2014
 
subject: RSA encryption in J2ME