Rob Lee

Greenhorn
+ Follow
since Jun 03, 2012
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Rob Lee

Hello Jelle Klap,

First of all Thank you for your reply. At the Oracle download page I found "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7" which has two executable jar files and "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6" which has the same number of jars as well. As being a noob I have Tried to add all of those Jars (I know how to add them properly), I tried 1 jar at the time ,two jars and four jars, well all of the possibilities to be honest. But Still got the same exception of illegal key size. Anyway that should not be a problem as with using (PBEWithMD5AndDES) and a random salt am pretty much protected from rainbow-tables attacks I assume.

Kindly, Can you help me in solving the small problem below:



The problem basically is I want to convert the Slealedobject str to a Hex String by using Apache Base64 or any simpler way and then display it with (System.out.println(TheNameOfThestringDerivedFromThe SlealedObject);)

I have tried many ways but with no success. the output has been for the desired string in the below format with just a change in the the numbers in the output

javax.crypto.SealedObject@1d5550d

help by code is much appreciated for a noob like me

Thank you

9 years ago
Hello everyone,

Well I found a solution for this but its problem that it uses less secure transformation algorithm

The output when using (PBEWITHSHA256AND128BITAES-CBC-BC) through an exception of illegal key size. However, when I have changed it to (PBEWithMD5AndDES) it worked just fine

the thing that I do not understand is Bouncycastle support (PBEWITHSHA256AND128BITAES-CBC-BC) but the program report the above exception. Any explanation(with code) would be much appreciated.

at last please help me in finding a solution for the below two topics:

PBE decryption does not work

Sorry about spamming the board with questions! But here another question about PBE encryption

9 years ago

Hello all,



I get this frustrating output(Exception in thread "main" java.security.spec.InvalidKeySpecException: Salt not found)

Why is That?

Thank you all
9 years ago

Hello mates,


the output is included in the topic.
Thank you all
9 years ago
Hello all,

The encryption in the code below works fine but i get error for decryption. any clues?


the output is (Exception in thread "main" javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher)
I do prefer salt to victors , so any sample code to tweak the program to use salt only will be much welcomed.

Thank you
9 years ago
Hello Tim,

thank you very much now I understand what I have been doing wrong. I am very pleased thank you again. here is the code if someone encounter the same problem. please note that this is a just a simple example!



Now I do get different results from different sizes of key.

I don't mean to sound rude, but that being the case you should not be in charge of implementing security. It's all too easy to put in place insecure systems, especially if you come by them in a trial-and-error approach.



No am not in charge. I have BSC in information Systems(more oriented towards the people and the business side of computing). but recently I have applied for a job in a company that's main operation is securing data and voice communication for some international military organizations. it is a junior job but I wanted to study about cryptography to ease up the training period and make a good impression(i hope so). My main problem is that I am from Sudan and we have no access for those in-depth materials.Moreover because of the U.S embargo in Sudan we are not permitted to download java from oracle website but fortunately I have used some proxies to do so.

anyway thank you very much for your help. I really do appreciate it
9 years ago

Sorry about that, copy/paste error. That should have read:

You seem to assume that "Base64.encodeBase64(signatureBytes).toString()" returns something useful; obviously, it does not.



Make as much errors as you want mate.....I am here to benefit from your experience not the opposite

still in the code I did not include the(.toString()). I have only used the Apache encoding scheme which has outputted the signature and the rest of the code has verified it with the public key to be true(matching).

I feel that you have not understood my question because it has nothing to do with your appreciated response. I repeat my question is why the signature character length has not increased when using a bigger key? it is the encryption of the fixed length hash what I mean.

Please be more generous by responding with a bit more lengthy explanation. I am a beginner and I do not understand the hints behind those"telegraphic responses"


9 years ago
Hello Dittmer,

Thank you for your reply

You seem to assume that "sig.verify(signatureBytes).toString()" returns something useful; obviously, it does not.

well that is not included in the code above, but anyway the result is"true"

My question is basically why the signature length has not increased when I changed the key size from 1024 to 2048?

Wikipedia says"If the unlock/decryption key is the one published then the system serves as a signature verifier of documents locked by the owner of the private key. Although in this latter case, since encrypting the entire message is relatively expensive computationally, in practice just a hash of the message is encrypted for signature verification purposes."

so my understanding is the message will be hashed to a fixed character length no matter how long the message is(which is 32 characters using MD5). Then this hash will get encrypted (RSA encryption) in my example. I have tried both key sizes and still got the same length of characters in the signature, I was expecting it to increase by using 2048 bit but it has not(the output is 10 characters long regardless of the size of the key) and this is what is puzzling me.

Can you please clarify what I am missing/misunderstanding?
9 years ago
Hello, new member over here with a noob question

I have the following Simple code to generate a digital signature, as far as I can understand only a hash of the message get encrypted but when I change the key size I still get the same length of characters in the digital signature! below is the code:



the output is:
Singature:[B@10b4199
true

but when changing the key size to 2048 the output has the same length!



the output this time is
Singature:[B@13a328f
true

I was expecting the digital signature length to increase but only the processing time has(which just natural), why is that?

thanks in advance
9 years ago