Which crypto library should I use?

 
Greenhorn
Posts: 22
Hi All,

I wanted to do simple encryption/decryption of a password field, and I was wondering what crypto libraries you could recommend that I can take advantage of. Does Apache have any? Please let me know.

Thanks,

Juan
 
Ranch Hand
Posts: 781
Netbeans IDE Ubuntu Java
  • Likes 1
If you are considering encrypting passwords and putting the result in a database then this is considered insecure. The more secure approach is to use a seeded digest. For example, one creates a random seed of say 8 bytes using SecureRandom and then one performs a digest (MD5, SHA1 or one of the SHA2 family) of the concatenation of the bytes of the password and the seed. Both the seed and the digest are then stored in the database. Using this approach it is not possible for anyone (the DBA or any casual database viewer for instance) to determine if two or more users have the same password and it is not possible to construct a single table mapping passwords to digests and then search for a particular password digest. One is forced to create a table for each user of the system.

Both MD5 and SHA1 have some known weaknesses so these days it is considered prudent to use one of the SHA2 algorithms. I use SHA-256.
 
Rancher
Posts: 1337
James gave good advice. All the algorithms he mentioned, particularly SHA-2, are implemented by JCE (the standard crypto API in Java), which is part of the Java class libraries. So you don't need any other library.
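
The seeded-digest scheme described in the replies above, written with only the standard Java classes, as an added example that is not part of any poster's message. The class, record and method names and the sample passwords are constructed for illustration; the 8-byte seed and SHA-256 follow the thread.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

// Added example: all names here are hypothetical, not from the thread.
public class SeededDigestDemo {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int SEED_BYTES = 8; // seed size suggested in the thread

    /** The two values stored per user: the random seed and the digest (record: Java 16+). */
    record StoredPassword(byte[] seed, byte[] digest) {}

    /** SHA-256 over the password bytes followed by the seed bytes. */
    static byte[] digest(String password, byte[] seed) throws NoSuchAlgorithmException {
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        sha256.update(password.getBytes(StandardCharsets.UTF_8));
        sha256.update(seed);
        return sha256.digest();
    }

    /** Called when a password is set: draw a fresh seed for this user. */
    static StoredPassword enroll(String password) throws NoSuchAlgorithmException {
        byte[] seed = new byte[SEED_BYTES];
        RNG.nextBytes(seed);
        return new StoredPassword(seed, digest(password, seed));
    }

    /** Called at login: recompute with the stored seed and compare. */
    static boolean verify(String candidate, StoredPassword stored) throws NoSuchAlgorithmException {
        // MessageDigest.isEqual does not stop at the first differing byte.
        return MessageDigest.isEqual(stored.digest(), digest(candidate, stored.seed()));
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Constructed sample data: two users who chose the same password.
        StoredPassword alice = enroll("correct horse");
        StoredPassword bob = enroll("correct horse");
        Base64.Encoder b64 = Base64.getEncoder();
        System.out.println("alice row: " + b64.encodeToString(alice.seed())
                + " | " + b64.encodeToString(alice.digest()));
        System.out.println("bob row:   " + b64.encodeToString(bob.seed())
                + " | " + b64.encodeToString(bob.digest()));
        System.out.println("digests equal:  " + Arrays.equals(alice.digest(), bob.digest()));
        System.out.println("right password: " + verify("correct horse", alice));
        System.out.println("wrong password: " + verify("wrong horse", alice));
    }
}
```

A single SHA-256 pass is fast to compute, so where the cost of guessing matters the JCE's `PBKDF2WithHmacSHA256` (obtained through `SecretKeyFactory`) applies the same seed-plus-digest idea with many iterations.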
 
J.C. Bustamante
Greenhorn
Posts: 22
Hi James/Lester,

Thanks for the info. I will make good use of it!

Cheers,

Juan
 