Keywords: Java | Encryption | Decryption | Fixed Key | javax.crypto | Triple DES
Abstract: This article explores how to use symmetric key cryptography in Java with a fixed key for encrypting and decrypting data, particularly useful for storing encrypted passwords. It covers the use of javax.crypto library, SecretKeyFactory, and provides a practical example using Triple DES.
Introduction
In Java applications, securely storing sensitive data such as passwords often requires encryption. A common challenge is ensuring that the same key is used for both encryption and decryption, especially when the encrypted data is stored and later retrieved. This article addresses this by demonstrating how to use a fixed, pre-defined key with the javax.crypto library.
Symmetric Key Cryptography
Symmetric key cryptography uses the same key for both encryption and decryption. Algorithms like AES and Triple DES are widely used. The key must be kept secret and consistent across sessions to enable correct decryption.
Using Fixed Keys in Java
Instead of generating a random key each time, you can derive a key from a fixed string or byte array using the SecretKeyFactory class. This allows you to specify your own key material, ensuring that the same key is always used.
Code Example
Below is a revised example based on the provided solution, using Triple DES (DESede) with a fixed key.
import java.security.spec.KeySpec;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESedeKeySpec;
import org.apache.commons.codec.binary.Base64;
public class FixedKeyEncryption {
private static final String UNICODE_FORMAT = "UTF8";
private static final String DESEDE_ENCRYPTION_SCHEME = "DESede";
private SecretKey key;
public FixedKeyEncryption(String keyString) throws Exception {
byte[] keyBytes = keyString.getBytes(UNICODE_FORMAT);
KeySpec ks = new DESedeKeySpec(keyBytes);
SecretKeyFactory skf = SecretKeyFactory.getInstance(DESEDE_ENCRYPTION_SCHEME);
key = skf.generateSecret(ks);
// Cipher is initialized in encrypt/decrypt methods
}
public String encrypt(String plaintext) throws Exception {
Cipher cipher = Cipher.getInstance(DESEDE_ENCRYPTION_SCHEME);
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encryptedBytes = cipher.doFinal(plaintext.getBytes(UNICODE_FORMAT));
return Base64.encodeBase64String(encryptedBytes);
}
public String decrypt(String encryptedText) throws Exception {
Cipher cipher = Cipher.getInstance(DESEDE_ENCRYPTION_SCHEME);
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] decodedBytes = Base64.decodeBase64(encryptedText);
byte[] decryptedBytes = cipher.doFinal(decodedBytes);
return new String(decryptedBytes, UNICODE_FORMAT);
}
public static void main(String[] args) throws Exception {
String fixedKey = "MyFixedEncryptionKey123"; // Example key
FixedKeyEncryption encrypter = new FixedKeyEncryption(fixedKey);
String original = "SecretPassword";
String encrypted = encrypter.encrypt(original);
String decrypted = encrypter.decrypt(encrypted);
System.out.println("Original: " + original);
System.out.println("Encrypted: " + encrypted);
System.out.println("Decrypted: " + decrypted);
}
}In this code, the key is derived from a fixed string, ensuring consistency. Note that for security, use a strong, random key in practice, and consider using key derivation functions.
Additional Considerations
While Triple DES is used here for demonstration, modern applications should prefer AES with appropriate key sizes (e.g., 256-bit). The javax.crypto library supports various algorithms and modes. Always follow best practices for key management and encryption.
Conclusion
Using a fixed key in Java encryption allows for reproducible decryption, essential for stored data. By leveraging SecretKeyFactory and proper key specifications, developers can implement secure and consistent encryption workflows.