Crypt/Decrypt samples

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Crypt/Decrypt samples

Chiara Berti
Hi,
I'm a newby of this group and about crypt argument also.
I would crypt some data and I have a problem to choose which algorithm is better.
In particular I have to crypt a large string (xml rappresentation of a bean).
I need to save the crypted text on a postgres database and later I have to read and decrypt it.
Does anybody know where I can find some examples?
Thanks,
 
Chiara 

---------------------------------------------------------------
Dott. Chiara Berti

SAGO S.p.A.
Soluzioni Informatiche per la Sanità.
Via Odorico
da Pordenone, 32
50127 Firenze - Italy
tel: +39 055 323911 fax: +39 055 3239150
---------------------------------------------------------------

 
Reply | Threaded
Open this post in threaded view
|

Re: Crypt/Decrypt samples

Kosch
On Wednesday 29 June 2005 10:24, you wrote:
> Hi,
> I'm a newby of this group and about crypt argument also.
> I would crypt some data and I have a problem to choose which algorithm is
> better. In particular I have to crypt a large string (xml rappresentation
> of a bean). I need to save the crypted text on a postgres database and
> later I have to read and decrypt it. Does anybody know where I can find
> some examples?

Look at org.bouncycastle.crypto.test
or
org.bouncycastle.provider.test
or maybe
org.bouncycastle.cms.test

Testcases, there you'll find various solutions.

--

inubit - integrating your business and IT http://www.inubit.com
Thomas Fromm, inubit AG [hidden email]
Lützowstraße 105-106, D-10785 Berlin
Freecall 0800-go inubit, Tel +49(30)726112-135, Fax -100

Reply | Threaded
Open this post in threaded view
|

Re: Crypt/Decrypt samples

Kevin Smith-2
In reply to this post by Chiara Berti
Hi,

As I have said before on this list:

---
Also, realize that crypto is an important, but SMALL part of overall
security. Even if you get the crypto right, there may be other flaws in
your system that make it easy to break. Security is extremely difficult
to do well, especially if you try to keep your app easy to use.

When I got into this stuff a few years ago, my favorite book for the
low-level Java crypto stuff was Professional Java Security by Somerfield
(ISBN 1861004257). There may be better books out now. I would also
recommend that you read as many books and articles as you can stand
about higher level security (not crypto) issues. Schneier is usually
pretty good.
---

And you might also find this message/thread of interest:

   http://www.bouncycastle.org/devmailarchive/msg04547.html

To answer your specific questions: AES (128 bits, and perhaps 256) would
be a fairly safe choice for you, but if you want something less common
you could try blowfish or twofish.

Most encryption uses a symmetric key to encrypt the actual data, and
then uses an asymmetric key to encrypt the symmetric key. RSA is the
most common, and for high security you would probably want 2048 bits,
but 1024 could work if you can easily change your key if necessary.

The diceware site is also very useful and informative, since poor or
exposed passwords are often the weakest link in a security system:
   http://world.std.com/~reinhold/diceware.html

Cheers,

Kevin


Chiara Berti wrote:

> Hi,
> I'm a newby of this group and about crypt argument also.
> I would crypt some data and I have a problem to choose which algorithm is better.
> In particular I have to crypt a large string (xml rappresentation of a bean).
> I need to save the crypted text on a postgres database and later I have to read and decrypt it.
> Does anybody know where I can find some examples?
> Thanks,
>  
> Chiara
>
> ---------------------------------------------------------------
> Dott. Chiara Berti
>
> SAGO S.p.A.
> Soluzioni Informatiche per la Sanità.
> Via Odorico da Pordenone, 32
> 50127 Firenze - Italy
> tel: +39 055 323911 fax: +39 055 3239150
> ---------------------------------------------------------------
>
>  
>