• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Devaka Cooray
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Knute Snortum
  • Bear Bibeault
Saloon Keepers:
  • Ron McLeod
  • Tim Moores
  • Stephan van Hulst
  • Piet Souris
  • Ganesh Patekar
Bartenders:
  • Frits Walraven
  • Carey Brown
  • Tim Holloway

Algorithm for Encryption and Decryption..

 
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,

I want an algorithm that can encrypt my username while they are inserting first into database and later on when I want to show the username in the application after being login in the application through that username itself. As user will enter the decrypted form of the username. Password encryption we are already using in our application but this is a single way process as we are not showing that anywhere else so once it was inserted into the application first then only I encrypted that. And I want a different approach for username as I need to use that both in login process and to show the same in application as well.

So, please suggest me the best possible algorithm that can be used in thsi context and without compromising on the security issue.

Thanks
Kushagra Bindal
 
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
What is the point of encrypting the username? Against what kind of attack are you trying to protect it?
 
Kushagra Bindal
Ranch Hand
Posts: 156
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

This can be anything means like a ISBN no of the publishing book and credit card number of the bank or anything else. In both cases when the user need to login into the system for a particular ISBN/Credit Card then client requirement is to put that in encrypted format in the database and decrypt the same when user need to login into the system to check it and after that to show the same on the application as well.

Thanks
Kushagra
 
Ranch Hand
Posts: 781
Netbeans IDE Ubuntu Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You have a fairly steep learning curve. A forum is a great place for ironing out problems but not good as a tutorial on a subject. If you are really serious about this and want to create a secure system then you need to spend a lot of time learning the basics. A good starting point is "Beginning Cryptography with Java" by David Hook published by Wrox.
 
Lester Burnham
Rancher
Posts: 1337
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
As James said, cryptography is a big subject, and unless you know exactly what you're doing it's easy to end up with an insecure system. So the starting point should be to make certain you understand *why* it's used. If all you know about the answer to that is "the client said so", I suggest to discuss the requirements in detail with the client until you understand the reason behind it. Only then will you (and we) be able to make suggestions how to approach this.

Putting in place security measures without knowing what kinds of attacks those measures should guard against makes no sense.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!