Hi! I haven't really worked with a lot of Java security stuff before but I need to use it now to encrypt sensitive data for long term storage. We've never really had to deal with this situation before, where we need to store sensitive data for a long time, then retrieve it and decrypt it so we can use it again. The application that reads the data will be running on the same server as the application that writes the data, so the primary concern for this particular post isn't secure transmission; I just need to make sure that if anyone ever *does* gain access to our database, they won't be able to read the data in this particular table. It doesn't need to be NSA-proof 16KMatrix Filtrax-barred 1028-bit Inifnisigned secure; it just needs to be encrypted well enough that if someone got the data, they'd have to decide it was worth investing some significant time and resources to read it.
I'm running into some issues though because I'm not entirely familiar with all the encryption methods or how they're supposed to be used, and I'm not entirely sure how to use the Java encryption providers, which ones I should be using, or what kind of encryption I should be using. I feel like I'm wading into a sea of acronyms which mean nothing to me, and somewhere in here is the acronym that's right for me...
So far I've ruled out SHA1, MD5, and PGP because apparently those are only supposed to be used for cases where you're communicating with someone and you can tell them some other random data like the length of the String you should get out or some kind of randomized Initialization Vector or something to make sure someone intercepting couldn't just keep intercepting until they found a pattern. I tried AES, but it looks like AES needs to know the length of the plaintext String it's looking for in order to decrypt it? And uhhhh... The operative word here is *long term* storage; and I can't store the length of the plaintext string along with the hashed string, so unless there's a way to decrypt AES with just the key String, without knowing the byte length of the plaintext String, it looks like AES is out too.
I'm running out of encryption methods. I need an encryption method that can be used to encrypt something based on a secret key, then decrypt it based on that same secret key, and I need it to not need anything else. It sounds like the category of what I'm looking for is "Symmetric Key" encryption, where you don't have any special data passed back and forth; just a secret key that really needs to remain secret, so I'm going to start going through all the methods listed in this article:
https://en.wikipedia.org/wiki/Symmetric-key_algorithm#Implementations
The other thing is I'd really like to not have to import any libraries that aren't packaged with Java 7, which is proving to be problematic because most of the examples use BouncyCastle? I apparently already have the sunjce_provider jar in my jre lib folder, so I can use that one, but it looks like I can't do everything I need with that alone.
So this is kind of a two-parter; and the first part is: Does anyone have recommendations for which encryption method I should be using?
The second part concerns the Java security packages themselves. I've been studying this:
https://docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html
But a lot of it isn't making a ton of sense to me yet, so I just want to see if I have this right generally:
Providers are just jar files that know how to hash strings with specific algorithms. In order to use one, you have to ask your Security something or other to get you an instance of an engine that knows how to use the encryption method you're asking for, like say, you'd call getInstance("MD5") and it would look through your loaded security providers and be like "Hey, which one of you knows how to MD5 things?", and you CAN tell it to use a specific provider, but that's frowned upon even though every example I've seen does that, and whenever I don't it yells at me for having no providers loaded?
But anyway, once you have your engine you have to get a key through one of a number of processes depending on the encryption method or the provider or something; but generally they all need some form of key to be fed in as a byte array, and then once you give that key to your engine, you can tell the engine to encrypt or decrypt things. I think there are additional steps, but they only apply if you're using the stuff to do stuff with public/private key pairs and non-symmetric encryption?
I feel like I'm still missing a number of steps though... Can anyone tell me if I'm generally steering in the right direction, or maybe point me to a tutorial that's geared towards secure storage rather than secure transmission?
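The flow sketched in the post (ask for an engine by name, hand it a key as bytes, then encrypt or decrypt), shown for storage as an added example that is not part of the original post, using only classes shipped with Java 7. The class name `StoredFieldCrypto`, the choice of AES-CBC with an HMAC-SHA256 tag, and the `IV || ciphertext || tag` layout are assumptions of this example.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class StoredFieldCrypto { // hypothetical class name
    private static final int IV_LEN = 16, TAG_LEN = 32;
    private final SecretKeySpec encKey, macKey; // two independent keys, kept outside the database
    public StoredFieldCrypto(byte[] aesKey, byte[] hmacKey) { // aesKey: 16 random bytes
        encKey = new SecretKeySpec(aesKey, "AES");
        macKey = new SecretKeySpec(hmacKey, "HmacSHA256");
    }
    public byte[] encrypt(String plaintext) throws GeneralSecurityException {
        byte[] iv = new byte[IV_LEN];
        new SecureRandom().nextBytes(iv); // fresh random IV for every stored value
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); // no provider named
        c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length + TAG_LEN);
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);
        System.arraycopy(mac(out, IV_LEN + ct.length), 0, out, IV_LEN + ct.length, TAG_LEN);
        return out; // IV || ciphertext || tag: one value for one column, no length stored
    }
    // Checks the tag (constant-time compare) before decrypting anything.
    public String decrypt(byte[] stored) throws GeneralSecurityException {
        int bodyLen = stored.length - TAG_LEN;
        if (bodyLen < 2 * IV_LEN || !MessageDigest.isEqual(mac(stored, bodyLen),
                Arrays.copyOfRange(stored, bodyLen, stored.length)))
            throw new GeneralSecurityException("stored value corrupt, modified, or wrong key");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, encKey, new IvParameterSpec(stored, 0, IV_LEN));
        return new String(c.doFinal(stored, IV_LEN, bodyLen - IV_LEN), StandardCharsets.UTF_8);
    }
    private byte[] mac(byte[] data, int len) throws GeneralSecurityException {
        Mac m = Mac.getInstance("HmacSHA256");
        m.init(macKey);
        return m.doFinal(Arrays.copyOf(data, len)); // tag covers IV and ciphertext
    }
    public static void main(String[] args) throws Exception {
        byte[] k = new byte[48]; // constructed demo key material, generated on the spot
        new SecureRandom().nextBytes(k);
        StoredFieldCrypto f = new StoredFieldCrypto(Arrays.copyOf(k, 16), Arrays.copyOfRange(k, 16, 48));
        System.out.println(f.decrypt(f.encrypt("constructed sample value")));
    }
}
```

The IV is not secret and travels with the ciphertext, so the only thing that has to be kept apart from the table is the key material.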