• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

2-key TDES and Java

 
Filippo La Torre
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

someone can tell me what to read or how to set up a 2-key TDES with two keys of 16 bytes with java?

thanks
 
Henry Wong
author
Marshal
Pie
Posts: 21496
84
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Filippo La Torre wrote:
someone can tell me what to read or how to set up a 2-key TDES with two keys of 16 bytes with java?



First, DES keys are only 56 bits long, and at 7 bits per byte, it is 8 bytes long. Triple DES, or 3DES, keys are three times longer, so hence, it is 24 bytes long.

"2-key triple DES" is 3DES with only 2 DES keys. How is this done? Simple. Key one is equal to key three. Meaning the key is still three times longer, but the last 8 bytes (of the 24 bytes) is the same as the first 8 bytes. The actual unique key is only 16 bytes long.


Java encryption .... http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html ... support 3DES with three keys, so if you want two key triple DES, you will need to take the 16 bytes and generate the 24 byte 3DES key, by duplicating the first eight bytes.

Henry
 
Filippo La Torre
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If I have two keys of 16 bytes, for example:

1) a123b456c789d000

2) zxcasdqwe123vbn0

I didn't understand how these become of 24 bytes

Thanks
 
Henry Wong
author
Marshal
Pie
Posts: 21496
84
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Filippo La Torre wrote:If I have two keys of 16 bytes, for example:

1) a123b456c789d000

2) zxcasdqwe123vbn0

I didn't understand how these become of 24 bytes

Thanks



Your second example doesn't make sense. Are you using string characters? If no, what base are you in -- as hexadecimal digits are only in the 0-9 and a-f range. Your first example, however, looks like a valid hexadecimal number (and it is eight bytes long).


Anyway, to answer your question....

As mentioned, triple DES uses DES keys, which are 56 bits long, or 8 bytes long (as one bit of each byte isn't used). If you want Triple DES with only two DES keys, you need to create the 24 byte key (needed by the java triple DES implementation) as follows....

k1) a1 23 b5 56 c7 89 d0 00

k2) b7 35 78 dc ff d4 f7 89

K = k1 k2 k1 = a1 23 b5 56 c7 89 d0 00 b7 35 78 dc ff d4 f7 89 a1 23 b5 56 c7 89 d0 00

Henry


Note: DES keys chosen randomly as examples -- no checking to confirm that the keys have correct parity, and hence, valid.

 
Filippo La Torre
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes it's a hexadecimal sorry for the second key error.
I have now understand how create the 24 byte key.
Thanks!

But i don't understand how to use the key K with java Triple DES. I have read http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html, but i don't understand.
 
Henry Wong
author
Marshal
Pie
Posts: 21496
84
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Filippo La Torre wrote:Yes it's a hexadecimal sorry for the second key error.
I have now understand how create the 24 byte key.
Thanks!

But i don't understand how to use the key K with java Triple DES. I have read http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html, but i don't understand.


It is generally a good idea to TellTheDetails. We can't help you if we don't know what you don't understand.

Anyway, if you are looking for coding examples, here are some hints....

1. The triple DES algorithm is called "DESede".
2. The key class is the javax.crypto.spec.SecretKeySpec class, and the interface is the javax.crypto.SecretKey class.
3. The class that does the encryption is the javax.crypto.Cipher class.

So, if you do a javaranch seach, you can get a few examples...

http://www.coderanch.com/forums/jforum?module=search&action=search&forum=65&match_type=all&sort_by=time&search_keywords=DESede+SecretKey+Cipher

When I did the search, I got...

http://www.coderanch.com/t/567908/Security/Length-Encrypted-String-Longer-than
http://www.coderanch.com/t/424015/Security/Triple-Des-Pin-Encryption
http://www.coderanch.com/t/420261/Security/InvalidKeyException-DES

which seems to have examples that you can use.

Henry


 
Filippo La Torre
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry if I do not write clearly what is the problem, but I am new to the field of encryption / decryption.
Meanwhile, thanks for the help.
I wrote this class for tests.



SHAREDKEY is k1+k2+k3, k1=k3. It's hexadecimal format. k1+k2+k3 = 24 bytes.

I have a string in hexadecimal format, that is "crypted" and i want to decrypt to plain text form that is "plainText" and it's also hexadecimal. I have an error javax.crypto.BadPaddingException: Given final block not properly padded.
 
Filippo La Torre
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have finally solved.

I post the class to help others people.



Thanks!!!
 
Henry Wong
author
Marshal
Pie
Posts: 21496
84
C++ Chrome Eclipse IDE Firefox Browser Java jQuery Linux VI Editor Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Filippo La Torre wrote:
I have a string in hexadecimal format, that is "crypted" and i want to decrypt to plain text form that is "plainText" and it's also hexadecimal. I have an error javax.crypto.BadPaddingException: Given final block not properly padded.


The reason you are getting this error is because the default padding requires you to provide a padding buffer -- an array of bytes that will be used as the padding.


Filippo La Torre wrote:I have finally solved.

I post the class to help others people.


Thanks for posting the solution -- but keep in mind that you have to match the mode and the padding with the other side. I am assuming that you have chosen to use Triple DES because you already have encrypted data, or another application that already uses Triple DES. You need to match the other applications mode and padding.

If there isn't another application, and you are writing both sides of the encryption, then I suggest that you use AES instead -- it is technically a stronger algorithm than Triple DES. And it can also take a 16 byte key -- which is much easier to create when you have two 8 byte keys.

Henry
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic