I wanted to develop code in java for a cryptographic algorithms like Blowfish,RC5. I searched on the internet too but I got to know that Blowfish has ready made methods available. So writing own methods is like 'reinventing wheel' so is the same case with 'RC5' too?
If this is the case, can you please suggest me some algorithms of cryptography for which code can be developed within the duration of 2 months using 2 people having average knowledge about 'Java'?
There have recently been several questions here relating to format preserving encryption. I tried to find an implementation of FFX (an attempt to standardize Feistel-network based FPE), but failed to find any.
So if you are looking for an example of a useful cryptographic algorithm for which there is no (easily findable) implementation on the net, that is one option.
You might want to restrict yourself to FFX-A2 and/or FFX-A10.
Starting out any cryptography project without knowing a lot about the idiosyncrasies of the language you are working with and the cryptographic algorithms involved is a really, really bad idea. If you are just doing it to learn, then why not just go ahead and reinvent the wheel? If you actually expect it to be secure, you really should use a pre-existing, well-tested implementation, or you should carefully investigate the algorithmic approaches involved and the language-based security issues involved.
There is nothing inherently labor-intensive about the implementation of any of these algorithms - they tend to have clear descriptions published. It would be entirely possible for you to do a not-necessarily-cryptographically-secure implementation of RC5, Blowfish, AES, RSA or just about anything else commonly used within 2 months (although I'd put the real figure somewhere nearer 2 days if you're just messing around for learning/fun).
Visit BouncyCastle.org. They provide a full and open source JCE / JCA crypto API for Java and C#. There are also other APIs for PGP for example. Unpinning these APIs are implementations of virtually every common cipher and digest algorithm. Documentation is a bit light (especially the PGP implementation) but it is a very well known and used crypto package.
Related
I want to replace PostgreSQL encryption function ‘pgp_sym_encrypt’ and ‘pgp_sym_decrypt’ mechanism with HSM (hardware security module). Can i implement it to replace existing algorithm with HSM.
If your client is paying you to find this out, it'd be nice if you would do some research and work on it, not just ask Stack Overflow.
The pgp_sym_ functions are in contrib/pgcrypto/pgp-pgsql.c. They're wrappers for decrypt_internal, and in turn around the functions exposed in pgp.h and implemented in the pgp*.c files.
You'll see that pgcrypto has its own OpenPGP implementation. That means it's not using GnuPG as a library, and therefore cannot simply use GnuPG's support for hardware security modules directly.
If you want support for HSMs, you will need to implement it yourself in the pgcrypto extension. You may be able to use libgcrypt and GPGME functions to help you out, and/or functionality in OpenSSL. It depends on what HSM you're using; it might just a client library that does most of what you want.
It may be simpler, if your HSM has a client library that has functionality you want, to wrap that with PostgreSQL user-defined functions and expose it to SQL as a new contrib module.
Either way, you will have to do a lot of reading and a lot of research. You will need to know the C programming language and be comfortable working with it. You will need to understand how user-defined functions in PostgreSQL work. If you can't manage any of that, you'll need to subcontract the work to somebody who does, give them access to a sample of the HSM in question, and pay them for their time. (No, I'm not fishing for work, I already have too much).
Many HSM's can be programmed some of them will undoubtedly be both Turing complete and have enough memory to perform your encryption function (whatever that may be). So the answer is "yes".
I am looking for a good library that can perform pairing based cryptography (PBC).
One I could find is jPBC
What have others used? and their experiences?
The idea is to test the performance of algorithms using standard pairings (Weil, Tate) as well as some of the newer proposals without getting my hands too much dirty in the math.
I do work in this space as well. The best thing we could find in java was jPBC. Its not very good.
Non java alternatives:
MIRACL: I believe this is the current
fastest c implementation.
charm crypto: a python framework for
rapidly prototyping crypto systems. Full disclosure, I am a dev on
it. It has bindings to some subset of MIRACL and Lynn's PBC lib.
These are more than enough to impliment most schemes.These subsets
are expanding and probably can be readily expanded without getting
into the math involved. Given specific requests, we might even be willing to do those
extensions
Furthermore, it already has support for benchmarking that can
give specific time spent in cryptographic operations, the number of operations (e.g.
pairings and exponentiations), and other stats.
An open-source java implementation of Miracl is at
https://dsl-external.bbn.com/tracsvr/openP3S/wiki/jmiracl
Includes benchmarks
MIRACL is the gold standard for Elliptic Curve Cryptography over GF(p) and GF(2m) and additionally supports even more esoteric Elliptic Curves and Lucas function-based schemes. It also includes over twenty protocols based on the new paradigm of Pairing-Based Cryptography. Using MIRACL means that AES encryption, RSA public key cryptography, Diffie-Hellman Key exchange and DSA digital signature are all just a few procedure calls away.
You can read more about MIRACL here and download the SDK: https://github.com/miracl/MIRACL
There are quite a few papers on order-preserving/homomorphic cryptography, but I haven't been able to find any actual implementations so far.
Do you maybe know an algorithm that has already been implemented and is also being actively used for either symetric encryption or hashing? (Implementation language and license details are not that big an issue, though Java would be prefered.)
I'm looking for a secure symmetric-key encryption algorithm compatible with both JavaScript and Java.
I've tried implementing one but I had some encoding issues.
You don't want to encrypt with JavaScript, especially on the client-side where it is open to tampering, and has no cryptographically secure random number generator.
I've tried implementing one but I had some encoding issues.
You tried to write your own encryption algo? You've gone against everything that the security world hold dear. No. Actual tutorials that explain how encryption works are so scared that people are going to screw things up because they don't understand the math behind it, I've actually seen this in one of them:
If you don't understand encryption, things like, what "cryptographically secure pseudo random number generator" actually is, and common attacks on it, you shouldn't do that.
If you don't understand things like side-channel attacks, you shouldn't do it.
If you don't understand what's going on in crypto and have read at-least two books on it you have no business implementing it.
Crypto is not a magic black box, it's something that is very VERY easy to screw up, even without touching any bit of code in a packaged solution.
What should you do? Forget about JS encryption. I know, I've tried it myself. It's a waste of time. Learn from my mistakes.
Go get an SSL certificate, SSL is the best way for us to encrypt messages on the transport level from a server to a client. It's about as secure as you can get. If you face an advesary that can defeat SSL, trust me, your JS-based crypto is also compromised.
Once it's at the server where it's secure from being tampered with, encrypt it. Anything else is a really long way to waste your time.
Also, go read these books:
![This one is free][4]
[![This one is cash money][5]][5]
(source: [schneier.com](https://www.schneier.com/images/book-ce-150w.jpg))
Then when you understand them come back and scream at me about why I'm wrong and don't understand how much you need JS on the client to do crypto.
There is an excellent DES (and by extension 3DES) implementation in JS, which I use quite often. I'll put up the link Monday, when I'm at the office and have it ready. Results from this (after base64 encoding for the transport) work perfectly with .Net/Mono (builtin), Java (bulitin) and PHP (mcrypt).
Found the links, but both are dead: http://www.shopable.co.uk/des.html and http://www.netdealing.com. I have put it up on http://pastebin.com/KbRsWKJY
This page has CTR mode, which is available in Java. I would recommend keys of 128 bits or you might run into trouble regarding the Java export policies on larger key sizes.
Here is a page which uses some very usefull methods of encryption, including password encryption techniques and ciphres with integrity checks and authentication, although you may need the bouncy castle libraries on Java to match those all.
There are oodles of libraries for JavaScript, but character encoding issues will be present on any of them. So make sure you use the same encoding both on the JavaScript side as well as on the Java side. A quick look up assures me that JavaScript uses UTF-16 internally, but don't hang me up on that.
Finally, don't try this at home, the libraries are there, use them (especially if they mention tests and/or official test vectors).
Like the other answers said, if you don't have to encrypt with JavaScript, avoid it. However, there are some valid use cases to encrypting in JavaScript.
When you need to, I recommend this library: https://keybase.io/triplesec/.
It's more secure than DES, which another answer links to.
I want to encrypt/decrypt lots of small (2-10kB) pieces of data. The performance is ok for now: On a Core2Duo, I get about 90 MBytes/s AES256 (when using 2 threads). But I may need to improve that in the future - or at least reduce the impact on the CPU.
Is it possible to use dedicated AES encryption hardware with Java (using JCE, or maybe a different API)?
Would Java take advantage of special CPU features (SSE5?!), if I get a better CPU?
Or are there faster JCE providers? (I tried SunJCE and BouncyCastle - no big difference.)
Other possiblilities?
The JVM will not, by itself, take advantage of special CPU features when executing code which happens to be an AES encryption: recognizing some code as being an implementation of AES is beyond the abilities of the JIT compiler. To use special hardware (e.g. the "Padlock" on VIA processors, or the AES-NI instructions on the newer Intel processors), you must go, at some point, through "native code".
Possibly, a JCE provider could do that for you. I am not aware of any readily available JCE provider which includes optimized native code for AES (there was a project called Apache JuiCE, but it seems to be stalled and I do not know its status). However it is conceivable that SunJCE will do that in a future version (but with Oracle buying Sun and the overfeaturism of OpenJDK 7, it is unclear when the next Java version will be released). Alternatively, bite the bullet and use native code yourself. Native code is invoked through JNI, and for the native AES code, a popular implementation is the one from Brian Gladman. When you get a bigger and newer processor with the AES-NI instruction, replace that native code with some code which knows about these instructions, as Intel describes.
By using AES-128 instead of AES-256 you should get a +40% speed boost. Breaking AES-128 is currently beyond the technological reach of Mankind, and should stay so for the next few decades. Do you really need a 256-bit key for AES ?
Just in case people run into this. JAVA 8 now uses AES-NI. See this: AES-NI intrinsics enabled by default?
You can benefit from improved AES speeds by using SunPKCS11 security provider together with mozilla-nss library.
Setup is described at
Improved Advanced Encryption Standard (AES) Crypto performance on Java with NSS using Intel® AES-NI Instructions
and JavaTM PKCS#11 Reference Guide
A simple google search will identify some JCE providers which claim hardware acceleration Solaris Crypto Framework. I have heard the break-even point is 4K (where under 4k its faster to perform using in JVM java providers).
I might look at using the NSS implementation, it might have some compiler optimizations for your platform (and you can certainly build from source with them enabled); though I have not used it myself. The big benefit with hardware a provider is probably the fact that the keys can be stored in hardware in a way that supports using them without exposing them to the OS.
Update: I should probably mention that the Keyczar source had some helpful insight (somewhere in source or surrounding docs) about reducing the overhead for initializing the Cipher. It also does exactly what you want (see Encrypter), and seems to implement asynchronous encryption (using a thread pool).
I would also suggest using AES-128 rather than 256. If the code is loosely coupled, and is still around in however many years it takes for AES-128 to become archaic, my guess is that it will be much easier to update the encryption at that point (when hardware will be more powerful) than it would be to try to optimize performance via hardware now.
Of course, that is assuming it is loosely coupled :D
Usually the step which consumes more time is Initiating the KeyGenerator.
KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(256); // This step takes more time
KeyGenerator aesKey = keyGen.generateKey();
The way I solved it is by generating a pool of KeyGenerator instances before the server statup and reusing them for just for Key Generation