Different Encryption Algorithm

There are basically 2 different types of encryption – Asymmetric and Symmetic Encryption. This both encryption is supported by Java.

Different encryption algorithms that supports java are:

1. DES – with Key size of 56-bit, DES is considered as slower encryption algorithm.

2. Triple DES – it engages the key size of 112/168, but provides equivalent security of 80/112, which makes it a slower one too.

3. AES – it reserves the key size of 128-bit, 198-Bit and 256-bit which is considered as a faster algorithm. Though it is a faster one, its speed depends on the Key Size.

4. Blowfish – with key size of 128-bit up to 448-bit, it’s considered as a better, faster algorithm. Blowfish is now superseded by Twofish.

5. RC4 – Key size from 40-bit to 1024-bit, RC4 is the fastest java supported encryption algorithm.

Now when it comes to choose between these different encryption techniques, DES and Triple DES are outdated.

The best algorithms are the ones which are shipped with Java.

DES and 3DES have been outdated and known to be cracked without a key, so you should skip them.

AES is the industry standard as of now as it allows 128 bit encryption. Here is an example of AES Encryption in java

Apart from that if you’re trying to encrypt a password, you should use a hash function to create hash of the encrypted password string. MD5 hash is used mostly for this. When comparing you can encrypt the input password, hash it with MD5 and compare it with the value stored in the database under password.

However MD5 hash is easily crackable, but provides a first line of defence against cryptanalysis.

Following is an example that uses AES encryption.

public static String encrypt(String key, String initVector, String value) {
try {
IvParameterSpec iv = new IvParameterSpec(initVector.getBytes(“UTF-8”));
SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes(“UTF-8”), “AES”);

Cipher cipher = Cipher.getInstance(“AES/CBC/PKCS5PADDING”);
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);

byte[] encrypted = cipher.doFinal(value.getBytes());
System.out.println(“encrypted string: ”
+ Base64.encodeBase64String(encrypted));

return Base64.encodeBase64String(encrypted);
} catch (Exception ex) {
ex.printStackTrace();
}

return null;
}

The most secure encryption algorithm–and the most impossible to construct in real life–is an infinite, one-time pad XOR ciphered onto the plaintext.

If you’re talking about Public-key cryptography, which is the type of encryption you’d be worried about in most Internet applications, in one type that has been validated and not intentionally weakened, key length matters much more than the strength or weakness of the algorithm.

Some algorithms allow up to a certain size key, so you want ones that have unlimited key length. Doing a quick search, I can’t find any that directly support it.

Leave a Reply

Your email address will not be published. Required fields are marked *