How to encrypt String in Java

This is the first page that shows up via Google and the security vulnerabilities in all the implementations make me cringe so I’m posting this to add information regarding encryption for others as it has been 7 Years from the original post. I hold a Masters Degree in Computer Engineering and spent a lot of time studying and learning Cryptography so I’m throwing my two cents to make the internet a safer place.

Also, do note that a lot of implementation might be secure for a given situation, but why use those and potentially accidentally make a mistake? Use the strongest tools you have available unless you have a specific reason not to. Overall I highly advise using a library and staying away from the nitty gritty details if you can.

UPDATE 4/5/18: I rewrote some parts to make them simpler to understand and changed the recommended library from Jasypt to Google’s new library Tink, I would recommend completely removing Jasypt from an existing setup.

Foreword

I will outline the basics of secure symmetric cryptography below and point out common mistakes I see online when people implement crypto on their own with the standard Java library. If you want to just skip all the details run over to Google’s new library Tink import that into your project and use AES-GCM mode for all your encryptions and you shall be secure.

Now if you want to learn the nitty gritty details on how to encrypt in java read on 🙂

Block Ciphers

First thing first you need to pick a symmetric key Block Cipher. A Block Cipher is a computer function/program used to create Pseudo-Randomness. Pseudo-Randomness is fake randomness that no computer other than a Quantum Computer would be able to tell the difference between it and real randomness. The Block Cipher is like the building block to cryptography, and when used with different modes or schemes we can create encryptions.

Now regarding Block Cipher Algorithms available today, Make sure to NEVER, I repeat NEVER use DES, I would even say NEVER use 3DES. The only Block Cipher that even Snowden’s NSA release was able to verify being truly as close to Pseudo-Random as possible is AES 256. There also exists AES 128; the difference is AES 256 works in 256-bit blocks, while AES 128 works in 128 blocks. All in all, AES 128 is considered secure although some weaknesses have been discovered, but 256 is as solid as it gets.

Fun fact DES was broken by the NSA back when it was initially founded and actually kept a secret for a few years. Although some people still claim 3DES is secure, there are quite a few research papers that have found and analyzed weaknesses in 3DES.

Encryption Modes

Encryption is created when you take a block cipher and use a specific scheme so that the randomness is combined with a key to creating something that is reversible as long as you know the key. This is referred to as an Encryption Mode.

Here is an example of an encryption mode and the simplest mode known as ECB just so you can visually understand what is happening:

The encryption modes you will see most commonly online are the following:

ECB CTR, CBC, GCM

There exist other modes outside of the ones listed and researchers are always working toward new modes to improve existing problems.

Now let’s move on to implementations and what is secure. NEVER use ECB this is bad at hiding repeating data as shown by the famous Linux penguin.

When implementing in Java, note that if you use the following code, ECB mode is set by default:

Cipher cipher = Cipher.getInstance("AES");

… DANGER THIS IS A VULNERABILITY! and unfortunately, this is seen all over StackOverflow and online in tutorials and examples.

Nonces and IVs

In response to the issue found with ECB mode nounces also known as IVs were created. The idea is that we generate a new random variable and attach it to every encryption so that when you encrypt two messages that are the same they come out different. The beauty behind this is that an IV or nonce is public knowledge. That means an attacker can have access to this but as long as they don’t have your key, they cant do anything with that knowledge.

Common issues I will see is that people will set the IV as a static value as in the same fixed value in their code. and here is the pitfall to IVs the moment you repeat one you actually compromise the entire security of your encryption.

Generating A Random IV

SecureRandom randomSecureRandom = SecureRandom.getInstance("SHA1PRNG");
byte[] iv = new byte[cipher.getBlockSize()];
randomSecureRandom.nextBytes(iv);
IvParameterSpec ivParams = new IvParameterSpec(iv);

Note: SHA1 is broken but I couldn’t find how to implement SHA256 into this use case properly, so if anyone wants to take a crack at this and update it would be awesome! Also SHA1 attacks still are unconventional as it can take a few years on a huge cluster to crack. Check out details here.

CTR Implementation

No padding is required for CTR mode.

 Cipher cipher = Cipher.getInstance("AES/CTR/NoPadding");

CBC Implementation

If you choose to implement CBC Mode do so with PKCS7Padding as follows:

 Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");

CBC and CTR Vulnerability and Why You Should Use GCM

Although some other modes such as CBC and CTR are secure they run into the issue where an attacker can flip the encrypted data, changing its value when decrypted. So let’s say you encrypt an imaginary bank message “Sell 100”, your encrypted message looks like this “eu23ng” the attacker changes one bit to “eu53ng” and all of a sudden when decrypted your message, it reads as “Sell 900”.

To avoid this the majority of the internet uses GCM, and every time you see HTTPS they are probably using GCM. GCM signs the encrypted message with a hash and checks to verify that the message has not been changed using this signature.

I would avoid implementing GCM because of its complexity. You are better off using Googles new library Tink because here again if you accidentally repeat an IV you are compromising the key in the case with GCM, which is the ultimate security flaw. New researchers are working towards IV repeat resistant encryption modes where even if you repeat the IV the key is not in danger but this has yet to come mainstream.

Now if you do want to implement GCM, here is a link to a nice GCM implementation. However, I can not ensure the security or if its properly implemented but it gets the basis down. Also note with GCM there is no padding.

Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");

Keys vs Passwords

Another very important note, is that when it comes to cryptography a Key and a Password are not the same things. A Key in cryptography needs to have a certain amount of entropy and randomness to be considered secure. This is why you need to make sure to use the proper cryptographic libraries to generate the key for you.

So you really have two implementations you can do here, the first is to use the code found on this StackOverflow thread for Random Key Generation. This solution uses a secure random number generator to create a key from scratch that you can the use.

The other less secure option is to use, user input such as a password. The issue as we discussed is that the password doesn’t have enough entropy, so we would have to use PBKDF2, an algorithm that takes the password and strengthens it. Here is a StackOverflow implementation I liked. However Google Tink library has all this built in and you should take advantage of it.

Android Developers

One important point to point out here is know that your android code is reverse engineerable and most cases most java code is too. That means if you store the password in plain text in your code. A hacker can easily retrieve it. Usually, for these type of encryption, you want to use Asymmetric Cryptography and so on. This is outside the scope of this post so I will avoid diving into it.

An interesting reading from 2013: Points out that 88% of Crypto implementations in Android were done improperly.

Final Thoughts

Once again I would suggest avoid implementing the java library for crypto directly and use Google Tink, it will save you the headache as they have really done a good job of implementing all the algorithms properly. And even then make sure you check up on issues brought up on the Tink github, vulnerabilities popup here and there.

If you have any questions or feedback feel free to comment! Security is always changing and you need to do your best to keep up with it 🙂

Related Posts:

  1. Given final block not properly padded
  2. How can I list the available Cipher algorithms?
  3. How to use OpenSSL to encrypt/decrypt files?
  4. Encrypt Password in Configuration Files?
  5. Encrypt Password in Configuration Files?
  6. RSA Public Key format
  7. Ask: Anonymization Data of live WordPress site
  8. “Char cannot be dereferenced” error
  9. Explanation on Integer.MAX_VALUE and Integer.MIN_VALUE to find min and max value in an array
  10. javax vs java package
  11. Converting array to list in Java
  12. How to check if a String contains another String in a case insensitive manner in Java?
  13. Failed to write core dump. minidumps are not enabled by default on client version of windows
  14. What is .crt and .key files and how to generate them?
  15. “Missing return statement” within if / for / while
  16. How to convert byte array to string and vice versa?
  17. good example of Javadoc
  18. Error when checking Java version: could not find java.dll
  19. Java Round up Any Number
  20. How do popBackStack() and replace() operations differ?
  21. What is the point of “final class” in Java?
  22. Can’t find mysqladmin on Mac OSX 10.6.8
  23. What is an AssertionError? In which case should I throw it from my own code?
  24. How can I prevent java.lang.NumberFormatException: For input string: “N/A”?
  25. How to send Https Post request in java
  26. Java error: Implicit super constructor is undefined for default constructor
  27. What is the purpose of a listener in Java?
  28. stale element reference: element is not attached to the page document
  29. Error: can only iterate over an array or an instance of java.lang.Iterable
  30. Why can array constants only be used in initializers?
  31. Where is Java’s Array indexOf?
  32. How do I create executable Java program?
  33. How to check if an int is a null
  34. How do I apply the for-each loop to every character in a String?
  35. What is the significance of log4j.rootLogger property in log4j.properties file? What happens if I don’t use this property?
  36. “Instantiating” a List in Java? [duplicate]
  37. HTTP Status 405 – Request method ‘POST’ not supported (Spring MVC)
  38. Missing `server’ JVM (Java\jre7\bin\server\jvm.dll.)
  39. Convert String array to ArrayList
  40. java uses or overrides a deprecated API error
  41. What is setBounds and how do I use it?
  42. Easiest way to convert a List to a Set in Java
  43. Exception in thread “main” java.lang.ClassNotFoundException:
  44. Exception in thread “main” java.lang.NumberFormatException: For input string: “S”
  45. How to set JAVA_HOME environment variable on Mac OS X 10.9?
  46. Remove last character of a StringBuilder?
  47. Why SpringMVC Request method ‘GET’ not supported?
  48. What does ‘public static void’ mean in Java?
  49. Error: JAVA_HOME is not defined correctly executing maven
  50. How do I time a method’s execution in Java?
  51. Eclipse No tests found using JUnit 5 caused by NoClassDefFoundError for LauncherFactory
  52. Android – SPAN_EXCLUSIVE_EXCLUSIVE spans cannot have a zero length
  53. How to sort an array of objects in Java?
  54. The specified child already has a parent. You must call removeView() on the child’s parent first (Android)
  55. HTTP Status 500 Error instantiating servlet class
  56. How to convert the following json string to java object?
  57. Java end of file
  58. A KeyValuePair in Java
  59. Unclosed Character Literal error
  60. Java ArrayList for integers
  61. Java error: void cannot be converted to String
  62. CreateProcess error=2, The system cannot find the file specified
  63. Add String Array to ArrayList
  64. Java Array Sort descending?
  65. The import javafx cannot be resolved
  66. Java Copy Constructor ArrayLists
  67. Implementing an actionlistener to a JTextField
  68. Address already in use: JVM_Bind java
  69. java.lang.ClassNotFoundException:com.mysql.jdbc.Driver [duplicate]
  70. How can I check if a value is of type Integer?
  71. Using regex to match any character except =
  72. Why is a ConcurrentModificationException thrown and how to debug it
  73. How to sort a HashSet?
  74. Variable used in lambda expression should be final or effectively final
  75. Populate int array with for loop in Java
  76. calling boolean method, heads or tails
  77. Android Color Picker
  78. How to fix an UnsatisfiedLinkError (Can’t find dependent libraries) in a JNI project
  79. How to Delete a topic in apache kafka [duplicate]
  80. Java Main Game Loop
  81. “Integer number too large” error message for 600851475143
  82. Append a single character to a string or char array in java?
  83. Java printf formatting to print items in a table or columns
  84. How to resolve “Syntax error on token “else”” in Java?
  85. What’s the difference between Jetty and Netty?
  86. Is there a way to simulate the C++ ‘friend’ concept in Java?
  87. Difference between volatile and synchronized in Java
  88. Good way to encapsulate Integer.parseInt()
  89. What is the difference between “Double” and “double” in Java?
  90. What is the purpose of the default keyword in Java?
  91. What exactly is Ajax request? Is it different from Servlet Request?
  92. java ‘jar’ is not recognized as an internal or external command
  93. String cannot be resolved to a type – Java RAD
  94. IntelliJ IDEA “The selected directory is not a valid home for JDK”
  95. Simple timeout in java
  96. Eclipse message saying List cannot be resolved to a type
  97. How to login into wordpress.com using HtmlUnit?
  98. wp_hash_password create a different hash everytime
  99. How WordPress hashes passwords
  100. Why can’t I save encrypted data in a transient?

2 thoughts on “How to encrypt String in Java”

  1. whoah this blog is wonderful i really like reading your articles. Keep up the great paintings! You realize, a lot of people are hunting round for this info, you could help them greatly.

    Reply

Leave a Comment