Good algorithm to encrypt string, AES invalid key exception

I'm trying to find an algorithm to encrypt small information with a key, It mostly will be passwords. After some research I tried using AES but the problem is that if I'm not using the same key for encryption en decryption an

InvalidKeyException

is thrown and I see no data.

Can I go around this or should I use another encryption algorithm ? So in other words if I encrypt data with the key= "example" and decrypt it with another key I would like to receive erroneous data.

Edit: I forgot to mention that I don't know much about security only the basics but I decided to go with the encryption route for this. I'll have a list of password and with the wrong key someone will see the wrong passwords. So no hashing.

Here is what I did:

public static String encryptPass(String pass,String key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidAlgorithmParameterException { MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(key.getBytes("UTF-8")); byte[] digest = md.digest(); SecretKey keyL = new SecretKeySpec(digest, "AES"); Cipher AesCipher = Cipher.getInstance("AES"); AesCipher.init(Cipher.ENCRYPT_MODE, keyL); byte[] encVal = AesCipher.doFinal(pass.getBytes()); pass = Base64.encodeToString(encVal, Base64.DEFAULT); Log.i("ADA", "encoded pass: " + pass); return pass; } public static String decryptPass(String encPass , String key) throws NoSuchAlgorithmException, UnsupportedEncodingException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException { MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(key.getBytes("UTF-8")); byte[] digest = md.digest(); SecretKey keyL = new SecretKeySpec(digest, "AES"); Cipher AesCipher = Cipher.getInstance("AES"); AesCipher.init(Cipher.DECRYPT_MODE, keyL); byte[] decodedValue = Base64.decode(encPass, Base64.DEFAULT); byte[] decValue = AesCipher.doFinal(decodedValue); String decryptedValue = new String(decValue); Log.i("ADA", "decrpyted pass: " + decryptedValue); return decryptedValue; }



Thanks for the help.

You should not roll your own encryption. There are experienced decrypter guys way better than beginner encrypter guys ;) It's warfare.

Use bcrypt instead.
https://en.wikipedia.org/wiki/Bcrypt

Guillermo Ishi wrote:You should not roll your own encryption. There are experienced decrypter guys way better than beginner encrypter guys ;) It's warfare.

Use bcrypt instead.
https://en.wikipedia.org/wiki/Bcrypt

Hum I'm not trying to roll my own encryption ? I tried using AES. The class of bcrypt doesn't allow me to pick a key but a salt. Secondly the class allows for password verification like this :


// To check whether a plaintext password matches one that has been hashed // previously, use the checkpw method: if (BCrypt.checkpw(candidate_password, stored_hash))<br /> System.out.println("It matches");<br /> else System.out.println("It does not match");<br />

I don't want to check if passwords are equals. I just want a known encryption algorithm that takes a String data and a String Key as input and gives me as output an encrypted String that if I use the decrypt algorithm with the said encrypted string and a key as input will give me an output no matter if the key is the same as the first one used or not.
So in other words if I encrypt data with the key= "example" and decrypt it with another key I would like to receive erroneous data.

I'm not trying to restrict access to any data. Data is fully visible by anyone who would use the app but unless they have the right key they will see erroneous data.

So to fix the first problem i changed my code to this :

private static final String truc = "f41a3ff27aab7d5c"; public static String encryptPass(String pass,String key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidAlgorithmParameterException { MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(key.getBytes("UTF-8")); byte[] digest = md.digest(); BCrypt bcrypt = new BCrypt(); SecretKey keyL = new SecretKeySpec(digest, "AES"); Cipher AesCipher = Cipher.getInstance("AES/CTR/NoPadding"); AesCipher.init(Cipher.ENCRYPT_MODE, keyL, new IvParameterSpec(truc.getBytes())); byte[] encVal = AesCipher.doFinal(pass.getBytes()); pass = Base64.encodeToString(encVal, Base64.DEFAULT); Log.i("ADA", "encoded pass: " + pass); return pass; } public static String decryptPass(String encPass , String key) throws NoSuchAlgorithmException, UnsupportedEncodingException, NoSuchPaddingException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException { MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(key.getBytes("UTF-8")); byte[] digest = md.digest(); SecretKey keyL = new SecretKeySpec(digest, "AES"); Cipher AesCipher = Cipher.getInstance("AES/CTR/NoPadding"); AesCipher.init(Cipher.DECRYPT_MODE, keyL, new IvParameterSpec(truc.getBytes())); byte[] decodedValue = Base64.decode(encPass, Base64.DEFAULT); byte[] decValue = AesCipher.doFinal(decodedValue); String decryptedValue = new String(decValue); Log.i("ADA", "decrpyted pass: " + decryptedValue); return decryptedValue; }

The problem however is that if the wrong key is set, the result will contain a lot of unwanted symbols that allow brute force. The whole point of this is to render bruteforce useless so I have to find a solution.

I thought about replacing the unwanted symbols by randomized ascii allowed chars. But I'm afraid it would be a leak. This goes way beyond what I know but the first thing that pops to my mind is that if a symbol has to be randomized it takes additional computing time. Thus allowing for brute force (every key that takes time greater than x is the wrong one). I could fix it by making the function take constant time but I'm afraid something I didn't think about might pop. So I decided to do an hybrid of using AES constant time plus some other algo i found.

NEVER EVER EVER EVER EVER EVER encrypt passwords. You should always hash and salt them.

As Guillermo mentioned, bcrypt is a good library that can be used for hashing passwords. For encrypting messages you should use a high-level AEAD algorithm.

Cedric Bosch wrote:I thought about replacing the unwanted symbols by randomized ascii allowed chars. But I'm afraid it would be a leak. This goes way beyond what I know but the first thing that pops to my mind is that if a symbol has to be randomized it takes additional computing time. Thus allowing for brute force (every key that takes time greater than x is the wrong one). I could fix it by making the function take constant time but I'm afraid something I didn't think about might pop. So I decided to do an hybrid of using AES constant time plus some other algo i found.

You're rolling your own crypto. NEVER EVER EVER EVER EVER EVER roll your own crypto. You WILL get it wrong. Smarter people than you or me will get it wrong. Use cryptographic algorithms that have been out there for a long time and have been proven to be very secure.

Stephan van Hulst wrote:NEVER EVER EVER EVER EVER EVER encrypt passwords. You should always hash and salt them.
As Guillermo mentioned, bcrypt is a good library that can be used for hashing passwords. For encrypting messages you should use a high-level AEAD algorithm.

No ! I don't want to hash my password! It's an application I make for myself and by hashing my password I'm vulnerable to brute force which I'm not with encryption even with a Caesar one. Passwords are randomized and approx the same length of the key. As far as I know it's not possible to retrieve the data if the key is known by me the user only and not stored.

Stephan van Hulst wrote:
You're rolling your own crypto. NEVER EVER EVER EVER EVER EVER roll your own crypto. You WILL get it wrong. Smarter people than you or me will get it wrong. Use cryptographic algorithms that have been out there for a long time and have been proven to be very secure.

My project is on hold at the moment but as it turns out AES was a bad choice anyway. I'll make more researches in the future but what I need is an encryption algorithm that change a string of ASCII char between a certain range and transform it with other chars that stays in that range. I'll roll my own if I don't find one it's no big deal as long as what I wrote above is correct "Passwords are randomized and approx the same length of the key. As far as I know it's not possible to retrieve the data if the key is known by me the user only and not stored"

Cedric Bosch wrote:I don't want to hash my password! It's an application I make for myself and by hashing my password I'm vulnerable to brute force which I'm not with encryption even with a Caesar one.

What do you base this information on? Hashes are not vulnerable to brute force. Encryption will serve no other purpose than to provide a means to go from the cipher back to the password. For this use case, encryption is actually less secure than hashing.

I'll make more researches in the future but what I need is an encryption algorithm that change a string of ASCII char between a certain range and transform it with other chars that stays in that range.

This is not an issue of encryption. This is an issue of encoding. Encryption has nothing to do with characters. Encryption transforms raw bytes to raw bytes. After this process, you can encode the bytes to characters using schemes such as Base64.

Passwords are randomized and approx the same length of the key. As far as I know it's not possible to retrieve the data if the key is known by me the user only and not stored

So you would still need a secret key that is known ahead of time by both you and the user? Why does the user need to know the key?

Please take a look at this example I wrote:import java.security.*; import java.security.spec.*; import java.util.*; import java.util.regex.*; import javax.crypto.*; import javax.crypto.spec.*; final class Password { private static final String ALGORITHM = "PBKDF2WithHmacSHA256"; private static final int KEY_LENGTH = 256; private static final int SALT_LENGTH = 64; private static final int ITERATION_COUNT = 50000; private final String algorithm; private final byte[] hash, salt; private final int iterationCount; private Password(String algorithm, byte[] hash, byte[] salt, int iterationCount) { this.algorithm = algorithm; this.hash = hash; this.salt = salt; this.iterationCount = iterationCount; } boolean matches(char[] password) { try { SecretKeyFactory factory = SecretKeyFactory.getInstance(this.algorithm); PBEKeySpec spec = new PBEKeySpec(password, this.salt, this.iterationCount, this.hash.length * 8); try { byte[] hash = factory.generateSecret(spec).getEncoded(); return Arrays.equals(hash, this.hash); } finally { spec.clearPassword(); } } catch (NoSuchAlgorithmException | InvalidKeySpecException ex) { throw new AssertionError("An unexpected exception occurred.", ex); } finally { Arrays.fill(password, (char) 0); } } String encode() { Base64.Encoder encoder = Base64.getEncoder(); return String.format("%s|%s|%s|%d", this.algorithm, encoder.encodeToString(this.hash), encoder.encodeToString(this.salt), this.iterationCount ); } static Password decode(String encoded) { Pattern pattern = Pattern.compile("(?<algorithm>.*?)[|](?<hash>.*?)[|](?<salt>.*?)[|](?<iterations>\\d*?)"); Matcher matcher = pattern.matcher(encoded); if (!matcher.matches()) throw new IllegalArgumentException("Encoded string does not match pattern."); Base64.Decoder decoder = Base64.getDecoder(); String algorithm = matcher.group("algorithm"); byte[] hash = decoder.decode(matcher.group("hash")); byte[] salt = decoder.decode(matcher.group("salt")); int iterationCount = Integer.parseInt(matcher.group("iterations")); return new Password(algorithm, hash, salt, iterationCount); } static Password generate(char[] password) { try { byte[] salt = new byte[SALT_LENGTH / 8]; SecureRandom.getInstance("SHA1PRNG").nextBytes(salt); SecretKeyFactory factory = SecretKeyFactory.getInstance(ALGORITHM); PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATION_COUNT, KEY_LENGTH); try { byte[] hash = factory.generateSecret(spec).getEncoded(); return new Password(ALGORITHM, hash, salt, ITERATION_COUNT); } finally { spec.clearPassword(); } } catch (NoSuchAlgorithmException | InvalidKeySpecException ex) { throw new AssertionError("An unexpected exception occurred.", ex); } finally { Arrays.fill(password, (char) 0); } } public static void main(String... args) { Password password = Password.generate(new char[] {'p', 'a', 's', 's', 'w', 'o', 'r', 'd'}); System.out.println(password.encode()); System.out.println(password.matches(new char[] {'p', 'a', 's', 's', 'w', 'o', 'r', 'd'})); } }