2-key TDES and Java

Hi,

someone can tell me what to read or how to set up a 2-key TDES with two keys of 16 bytes with java?

thanks

Filippo La Torre wrote:
someone can tell me what to read or how to set up a 2-key TDES with two keys of 16 bytes with java?

First, DES keys are only 56 bits long, and at 7 bits per byte, it is 8 bytes long. Triple DES, or 3DES, keys are three times longer, so hence, it is 24 bytes long.

"2-key triple DES" is 3DES with only 2 DES keys. How is this done? Simple. Key one is equal to key three. Meaning the key is still three times longer, but the last 8 bytes (of the 24 bytes) is the same as the first 8 bytes. The actual unique key is only 16 bytes long.


Java encryption .... http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html ... support 3DES with three keys, so if you want two key triple DES, you will need to take the 16 bytes and generate the 24 byte 3DES key, by duplicating the first eight bytes.

Henry

If I have two keys of 16 bytes, for example:

1) a123b456c789d000

2) zxcasdqwe123vbn0

I didn't understand how these become of 24 bytes

Thanks

Filippo La Torre wrote:If I have two keys of 16 bytes, for example:

1) a123b456c789d000

2) zxcasdqwe123vbn0

I didn't understand how these become of 24 bytes

Thanks

Your second example doesn't make sense. Are you using string characters? If no, what base are you in -- as hexadecimal digits are only in the 0-9 and a-f range. Your first example, however, looks like a valid hexadecimal number (and it is eight bytes long).


Anyway, to answer your question....

As mentioned, triple DES uses DES keys, which are 56 bits long, or 8 bytes long (as one bit of each byte isn't used). If you want Triple DES with only two DES keys, you need to create the 24 byte key (needed by the java triple DES implementation) as follows....

k1) a1 23 b5 56 c7 89 d0 00

k2) b7 35 78 dc ff d4 f7 89

K = k1 k2 k1 = a1 23 b5 56 c7 89 d0 00 b7 35 78 dc ff d4 f7 89 a1 23 b5 56 c7 89 d0 00

Henry


Note: DES keys chosen randomly as examples -- no checking to confirm that the keys have correct parity, and hence, valid.

Yes it's a hexadecimal sorry for the second key error.
I have now understand how create the 24 byte key.
Thanks!

But i don't understand how to use the key K with java Triple DES. I have read http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html, but i don't understand.

Filippo La Torre wrote:Yes it's a hexadecimal sorry for the second key error.
I have now understand how create the 24 byte key.
Thanks!

But i don't understand how to use the key K with java Triple DES. I have read http://docs.oracle.com/javase/1.4.2/docs/guide/security/jce/JCERefGuide.html, but i don't understand.

It is generally a good idea to TellTheDetails. We can't help you if we don't know what you don't understand.

Anyway, if you are looking for coding examples, here are some hints....

1. The triple DES algorithm is called "DESede".
2. The key class is the javax.crypto.spec.SecretKeySpec class, and the interface is the javax.crypto.SecretKey class.
3. The class that does the encryption is the javax.crypto.Cipher class.

So, if you do a javaranch seach, you can get a few examples...

https://coderanch.com/forums/jforum?module=search&action=search&forum=65&match_type=all&sort_by=time&search_keywords=DESede+SecretKey+Cipher

When I did the search, I got...

https://coderanch.com/t/567908/Security/Length-Encrypted-String-Longer-than
https://coderanch.com/t/424015/Security/Triple-Des-Pin-Encryption
https://coderanch.com/t/420261/Security/InvalidKeyException-DES

which seems to have examples that you can use.

Henry

Sorry if I do not write clearly what is the problem, but I am new to the field of encryption / decryption.
Meanwhile, thanks for the help.
I wrote this class for tests.

public final class StartTest { public static void main(String[] args) throws Exception { String plainText = "1009062340000110"; String crypted = "0C9160C6263403DE"; byte[] array = Hex.decodeHex(crypted.toCharArray()); for(int i=0;i<array.length;i++) System.out.println(array[i]); System.out.println(array.length); // byte[] codedtext = new StartTest().encrypt(text); String decodedtext = new StartTest().decrypt(array); System.out.println(decodedtext +"is equals to " + plainText + "?"); } public byte[] encrypt(byte[] message) throws Exception { byte[] keyValue = Hex.decodeHex(SHARED_KEY.toCharArray()); final SecretKey key = new SecretKeySpec(keyValue, "DESede"); final Cipher cipher = Cipher.getInstance("DESede"); cipher.init(Cipher.ENCRYPT_MODE, key); final byte[] cipherText = cipher.doFinal(message); return cipherText; } public String decrypt(byte[] message) throws Exception { byte[] keyValue = Hex.decodeHex(SHARED_KEY.toCharArray()); final SecretKey key = new SecretKeySpec(keyValue, "DESede"); final Cipher decipher = Cipher.getInstance("DESede"); decipher.init(Cipher.DECRYPT_MODE, key); final byte[] plainText = decipher.doFinal(message); return new String(plainText, "UTF-8"); } }

SHAREDKEY is k1+k2+k3, k1=k3. It's hexadecimal format. k1+k2+k3 = 24 bytes.

I have a string in hexadecimal format, that is "crypted" and i want to decrypt to plain text form that is "plainText" and it's also hexadecimal. I have an error javax.crypto.BadPaddingException: Given final block not properly padded.

I have finally solved.

I post the class to help others people.

public final class StartTest { private String SHARED_KEY = YOURKEY; static final String HEXES = "0123456789ABCDEF"; public static void main(String[] args) throws Exception { String plainText = "1009062340000110"; String crypted = "0C9160C6263403DE"; byte[] array = Hex.decodeHex(crypted.toCharArray()); byte[] plain = Hex.decodeHex(plainText.toCharArray()); byte[] codedtext = new StartTest().encrypt(plain); System.out.println(getHex(codedtext)); String decodedtext = new StartTest().decrypt(array); System.out.println(decodedtext +" is equals to " + plainText + "?"); } public byte[] encrypt(byte[] plainTextBytes) throws Exception { byte[] keyValue = Hex.decodeHex(SHARED_KEY.toCharArray()); final SecretKey key = new SecretKeySpec(keyValue, "DESede"); final Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding"); cipher.init(Cipher.ENCRYPT_MODE, key); final byte[] cipherText = cipher.doFinal(plainTextBytes); return cipherText; } public String decrypt(byte[] message) throws Exception { byte[] keyValue = Hex.decodeHex(SHARED_KEY.toCharArray()); final SecretKey key = new SecretKeySpec(keyValue, "DESede"); final Cipher decipher = Cipher.getInstance("DESede/ECB/NoPadding"); decipher.init(Cipher.DECRYPT_MODE, key); final byte[] plainText = decipher.doFinal(message); return getHex(plainText); } public static String getHex( byte [] raw ) { if ( raw == null ) { return null; } final StringBuilder hex = new StringBuilder( 2 * raw.length ); for ( final byte b : raw ) { hex.append(HEXES.charAt((b & 0xF0) >> 4)) .append(HEXES.charAt((b & 0x0F))); } return hex.toString(); } }

Thanks!!!

Filippo La Torre wrote:
I have a string in hexadecimal format, that is "crypted" and i want to decrypt to plain text form that is "plainText" and it's also hexadecimal. I have an error javax.crypto.BadPaddingException: Given final block not properly padded.

The reason you are getting this error is because the default padding requires you to provide a padding buffer -- an array of bytes that will be used as the padding.

Filippo La Torre wrote:I have finally solved.

I post the class to help others people.

Thanks for posting the solution -- but keep in mind that you have to match the mode and the padding with the other side. I am assuming that you have chosen to use Triple DES because you already have encrypted data, or another application that already uses Triple DES. You need to match the other applications mode and padding.

If there isn't another application, and you are writing both sides of the encryption, then I suggest that you use AES instead -- it is technically a stronger algorithm than Triple DES. And it can also take a 16 byte key -- which is much easier to create when you have two 8 byte keys.

Henry