• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Cipher Class and Key Length for AES

 
Ranch Hand
Posts: 377
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm trying to use the Cipher class and am not understanding allowable key lengths (in init). According to the documentation 128, 192 and 256 bits, among others, should all be valid. When I use a 16 byte string (128 bits) it accepts it as I expected. However, If I try a 24 (192 bits) or 32 byte string (256 bits) I get an InvalidKeyException (Illegal key size or default papameters). What size strings am I allowed to use that are >16 bytes? TIA.
 
Bartender
Posts: 1166
17
Netbeans IDE Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sounds like you have not installed the "Unlimited Strength" jars. Go to the Java download page, download the 'unlimited' file and follow the installation instructions.
 
Dennis Putnam
Ranch Hand
Posts: 377
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks, I'll try it. I personally would not call 192 or even 256, particularly strong (1024 is strong, IMO) so it did not occur to me that I would need that jar.
 
Richard Tookey
Bartender
Posts: 1166
17
Netbeans IDE Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Dennis Putnam wrote:I personally would not call 192 or even 256, particularly strong (1024 is strong, IMO) so it did not occur to me that I would need that jar.



For symmetric encryption a 192 bit key is considered strong; what makes you think it is not?
 
Dennis Putnam
Ranch Hand
Posts: 377
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I guess because I'm used to 1024 or better.
 
Richard Tookey
Bartender
Posts: 1166
17
Netbeans IDE Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Dennis Putnam wrote:I guess because I'm used to 1024 or better.



You might be using 1024 bits for asymmetric public key encryption such as RSA but not for symmetric encryption like AES! These days, for public key encryption using RSA, 1024 bits is considered weak!
 
author
Posts: 23951
142
jQuery Eclipse IDE Firefox Browser VI Editor C++ Chrome Java Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Richard Tookey wrote:

Dennis Putnam wrote:I guess because I'm used to 1024 or better.



You might be using 1024 bits for asymmetric public key encryption such as RSA but not for symmetric encryption like AES! These days, for public key encryption using RSA, 1024 bits is considered weak!



Highly agree. The algorithm is very important here. You can't really judge whether a certain keylength is strong or not, without knowing what algorithm you are using.

Henry
 
Dennis Putnam
Ranch Hand
Posts: 377
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks. You are correct that I primarily use RSA but with 2048 or better.
reply
    Bookmark Topic Watch Topic
  • New Topic