
ECDH with AES in J2ME

Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Hi all,

I am trying to implement ECDH key exchange with AES 256 in J2ME, but I have trouble generating the ECDH keys. I use NetBeans 7.4 and BouncyCastle's lcrypto-j2me-149. The code I tried out is as below:



The Stack Trace is
TRACE: <at java.lang.NoClassDefFoundError: java/security/SecureRandom>, startApp threw an Exception
java.lang.NoClassDefFoundError: java/security/SecureRandom
at java.lang.Class.invoke_verify(), bci=0
at java.lang.Class.initialize(), bci=100
at ecies.TestMidlet.startApp(), bci=32
at javax.microedition.midlet.MIDletTunnelImpl.callStartApp(), bci=1
at com.sun.midp.midlet.MIDletPeer.startApp(), bci=5
at com.sun.midp.midlet.MIDletStateHandler.startSuite(), bci=261
at com.sun.midp.main.AbstractMIDletSuiteLoader.startSuite(), bci=38
at com.sun.midp.main.CldcMIDletSuiteLoader.startSuite(), bci=5
at com.sun.midp.main.AbstractMIDletSuiteLoader.runMIDletSuite(), bci=144
at com.sun.midp.main.AppIsolateMIDletSuiteLoader.main(), bci=26
java.lang.NoClassDefFoundError: java/security/SecureRandom
at java.lang.Class.invoke_verify(), bci=0
at java.lang.Class.initialize(), bci=100
at ecies.TestMidlet.startApp(), bci=32
at javax.microedition.midlet.MIDletTunnelImpl.callStartApp(), bci=1
at com.sun.midp.midlet.MIDletPeer.startApp(), bci=5
at com.sun.midp.midlet.MIDletStateHandler.startSuite(), bci=261
at com.sun.midp.main.AbstractMIDletSuiteLoader.startSuite(), bci=38
at com.sun.midp.main.CldcMIDletSuiteLoader.startSuite(), bci=5
at com.sun.midp.main.AbstractMIDletSuiteLoader.runMIDletSuite(), bci=144
at com.sun.midp.main.AppIsolateMIDletSuiteLoader.main(), bci=26
javacall_lifecycle_state_changed() lifecycle: event is JAVACALL_LIFECYCLE_MIDLET_SHUTDOWN status is JAVACALL_OK
C:\Users\XSEC\Documents\NetBeansProjects\EncryptionTest\nbproject\build-impl.xml:782: Execution failed with error code 1.
BUILD FAILED (total time: 1 minute 51 seconds)


When I obfuscate it with the Proguard plugin at High level, it shows:

TRACE: <at java.lang.Error: ClassFormatError: 78>, startApp threw an Exception
java.lang.Error: ClassFormatError: 78
at bh.<clinit>(), bci=362
at java.lang.Class.invoke_clinit(), bci=0
at java.lang.Class.initialize(), bci=125
at ecies.TestMidlet.startApp(), bci=8
at javax.microedition.midlet.MIDletTunnelImpl.callStartApp(), bci=1
at com.sun.midp.midlet.MIDletPeer.startApp(), bci=5
at com.sun.midp.midlet.MIDletStateHandler.startSuite(), bci=261
at com.sun.midp.main.AbstractMIDletSuiteLoader.startSuite(), bci=38
at com.sun.midp.main.CldcMIDletSuiteLoader.startSuite(), bci=5
at com.sun.midp.main.AbstractMIDletSuiteLoader.runMIDletSuite(), bci=144
at com.sun.midp.main.AppIsolateMIDletSuiteLoader.main(), bci=26
java.lang.Error: ClassFormatError: 78
at bh.<clinit>(), bci=362
at java.lang.Class.invoke_clinit(), bci=0
at java.lang.Class.initialize(), bci=125
at ecies.TestMidlet.startApp(), bci=8
at javax.microedition.midlet.MIDletTunnelImpl.callStartApp(), bci=1
at com.sun.midp.midlet.MIDletPeer.startApp(), bci=5
at com.sun.midp.midlet.MIDletStateHandler.startSuite(), bci=261
at com.sun.midp.main.AbstractMIDletSuiteLoader.startSuite(), bci=38
at com.sun.midp.main.CldcMIDletSuiteLoader.startSuite(), bci=5
at com.sun.midp.main.AbstractMIDletSuiteLoader.runMIDletSuite(), bci=144
at com.sun.midp.main.AppIsolateMIDletSuiteLoader.main(), bci=26
javacall_lifecycle_state_changed() lifecycle: event is JAVACALL_LIFECYCLE_MIDLET_SHUTDOWN status is JAVACALL_OK
C:\Users\XSEC\Documents\NetBeansProjects\EncryptionTest\nbproject\build-impl.xml:782: Execution failed with error code 1.
BUILD FAILED (total time: 37 seconds)


"Any fool can write code that a computer can understand. Good programmers write code that humans can understand."
--- Martin Fowler
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    

I thought you had solved the problem of the java.lang.NoClassDefFoundError: java/security/SecureRandom exception well over a month ago!

Your code seems to indicate that you are still hanging on to the silly and insecure idea that in key exchange the actual key generation is only done by one party and then the generated key is passed in the clear to the other party!
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Richard,

No, no, I am not passing any keys. That code is just for ECDH key generation. It uses the SecureRandom class, which I am not able to bring into JME. I reassure you that I have given up the idea of passing keys from client to server. They say obfuscation works for BouncyCastle, but I doubt it. I get class format error: 78. What is that 78, by the way? Do you have any ideas?
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    

Partheban Udayakumar wrote:Richard,

No, no, I am not passing any keys. That code is just for ECDH key generation.

Then what is this code doing, since it plays no part in ECDH key generation and is everything to do with sharing keys?

It uses the SecureRandom class, which I am not able to bring into JME. I reassure you that I have given up the idea of passing keys from client to server. They say obfuscation works for BouncyCastle, but I doubt it. I get class format error: 78. What is that 78, by the way? Do you have any ideas?


As I have said before, I know nothing about J2ME. A search for "I get class format error: 78" gives a load of results, and to quote this result, http://craftingjava.blogspot.co.uk/2012/07/reason-for-javalangclassformaterror.html


In the java API documentation it is given that "this error would be thrown when the java virtual machine attempts to read a class file and founds that the class file has been altered in such a way that it loses its integrity."


Though the blog is not definitive, it would indicate that you have corrupted your class file!
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Richard,

Yes, that part is regarding the transportation of the public key. It's the way the algorithm works (correct me if I am wrong).

Now I am concerned about this part



Because the key pair couldn't be generated, as it uses the SecureRandom class.

After a little research, I came to know that, as there is a SecureRandom class with Bouncy Castle, the original class and this class conflict. That is why the class format error occurs here. My program should take SecureRandom from Bouncy Castle, but it does the other thing. Can we do something about this?
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    

Partheban Udayakumar wrote:Richard,

Yes, that part is regarding the transportation of the public key. It's the way the algorithm works (correct me if I am wrong).

Sorry, but you are very wrong; that code does nothing useful to you. Both the client and the server need to generate an ECDH (private, public) key pair. The client then sends its public key to the server and the server sends its public key to the client. The client then generates the shared secret using its private key and the server's public key. Similarly, the server generates the same shared secret using its private key and the client's public key. Only the two public keys are passed over the insecure channel, and these two are not sufficient on their own to generate the shared secret.

From this you can see that you need to in some way serialise public keys so they can be passed between client and server. That code does not do that.


Now I am concerned about this part



Because the key pair couldn't be generated, as it uses the SecureRandom class.

After a little research, I came to know that, as there is a SecureRandom class with Bouncy Castle, the original class and this class conflict. That is why the class format error occurs here. My program should take SecureRandom from Bouncy Castle, but it does the other thing. Can we do something about this?


I thought you had solved this problem in your earlier work, but since I don't understand the technique used I can't help with it.
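
The exchange described in the reply above, as an added example that is not part of the original thread. It uses the standard Java SE JCA API rather than the J2ME Bouncy Castle lightweight API the poster is working with; the class and method names, the secp256r1 curve and the SHA-256 derivation step are assumptions chosen for illustration.

```java
import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.SecretKeySpec;

// Added illustration (Java SE, not J2ME). Curve and KDF are assumptions.
public class EcdhExchangeDemo {

    // Each party generates its own key pair; the private key never leaves it.
    static KeyPair newKeyPair() throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(new ECGenParameterSpec("secp256r1"), new SecureRandom());
        return kpg.generateKeyPair();
    }

    // Serialise a public key for the wire (X.509 SubjectPublicKeyInfo bytes).
    static byte[] encode(PublicKey pub) {
        return pub.getEncoded();
    }

    // Rebuild the peer's public key from the bytes received.
    static PublicKey decode(byte[] wire) throws GeneralSecurityException {
        return KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(wire));
    }

    // Own private key + peer's public key -> shared secret -> AES-256 key.
    static SecretKeySpec deriveAesKey(PrivateKey own, byte[] peerWire)
            throws GeneralSecurityException {
        KeyAgreement ka = KeyAgreement.getInstance("ECDH");
        ka.init(own);
        ka.doPhase(decode(peerWire), true);
        byte[] secret = ka.generateSecret();
        // Hash the raw secret instead of using it directly; 32 bytes = AES-256.
        byte[] key = MessageDigest.getInstance("SHA-256").digest(secret);
        return new SecretKeySpec(key, "AES");
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPair client = newKeyPair();
        KeyPair server = newKeyPair();
        // Only these two byte arrays cross the insecure channel.
        byte[] clientToServer = encode(client.getPublic());
        byte[] serverToClient = encode(server.getPublic());
        SecretKeySpec clientKey = deriveAesKey(client.getPrivate(), serverToClient);
        SecretKeySpec serverKey = deriveAesKey(server.getPrivate(), clientToServer);
        System.out.println("AES key bits: " + clientKey.getEncoded().length * 8);
        System.out.println("keys match: "
                + Arrays.equals(clientKey.getEncoded(), serverKey.getEncoded()));
    }
}
```

The exchange shown here is unauthenticated, so each side still needs a way to verify that the public key it received really belongs to the other party (for example a signature over it) before trusting the derived key.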
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Richard,
I know that we have to generate keys on both sides. I am just testing one-side generation of keys. The BigInteger class is being accepted but SecureRandom doesn't work. It's odd. As far as I searched, all have the same problem which occurs to me in JME. Anyways, thanks for taking your time and replying. Please show this post to someone whom you think may be helpful.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    

Point 3 in http://www.bouncycastle.org/wiki/display/JA1/Frequently+Asked+Questions is about the best answer you are likely to get, and based on your earlier threads I assume you have already followed that advice.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Richard,

Ya, I saw that the first time you told me. I tried everything in that Nokia Development page. Still having the same problem.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    

The more I think about this the more I think that the problem is that you are not correctly obfuscating your code, the BC lightweight crypto jar and the BC jar that implements BigInteger and SecureRandom. Since you have not detailed how you are attempting to do this it is going to be very difficult for anyone to help any further.
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Richard,

I am not using any special tool. The Proguard obfuscator comes with NetBeans as a plugin. So, as per the link, I set the obfuscation level to high and ran the file. When I run it that way, Class Format Error: 78 occurs, about which we discussed earlier.
Richard Tookey
Ranch Hand

Joined: Aug 27, 2012
Posts: 1067
    

Partheban Udayakumar wrote:Richard,

I am not using any special tool. The Proguard obfuscator comes with NetBeans as a plugin. So, as per the link, I set the obfuscation level to high and ran the file. When I run it that way, Class Format Error: 78 occurs, about which we discussed earlier.


Then either you have a bug in Proguard or you are using it wrongly. Maybe Proguard has a forum, or maybe you might ask in the NetBeans forums!
Partheban Udayakumar
Ranch Hand

Joined: Jul 04, 2013
Posts: 265

Richard,

OK, I will look into it. Thanks for your replies.
 