SecureRandom provider?

SecureRandom provider?

nefilim
Hi,

I'm using AES/Rijndael to encrypt credit card numbers
but somehow my entropy is not working: for the same
number I always get the same encrypted result. Here's
the code excerpt:

private static final String CIPHER_TYPE = "Rijndael/ECB/PKCS7Padding";
.
.
.
byte[] inputBytes = input.getBytes(ENCODING);
SecretKey key = getKey();

SecureRandom random = SecureRandom.getInstance("SHA1PRNG", "SUN");
log.debug("next random: " + random.nextInt());
log.debug("next random: " + random.nextInt());
log.debug("next random: " + random.nextInt());
log.debug("next random: " + random.nextInt());
// TODO: switch to CBC which will need an IV
Cipher cipher = Cipher.getInstance(CIPHER_TYPE, "BC");
cipher.init(Cipher.ENCRYPT_MODE, key, random);

byte[] cipherText = new byte[cipher.getOutputSize(inputBytes.length)];
cipherText = cipher.doFinal(inputBytes);

String encodedEncryptedDataString = new BASE64Encoder().encode(cipherText);
return encodedEncryptedDataString;

My questions are twofold: why do I always get the same
result even though I supply a source of entropy? And
secondly, does BC provide some algorithms for use with
SecureRandom?

Thank you,
Peter

Re: SecureRandom provider?

Ken Ballou
If you're using ECB mode, then of course you will always get the same
encrypted result (if the key is the same).

Use CBC mode instead.  Don't forget that you will need to save the IV if
you are to have any hope of decrypting the data.

                                        - Ken

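The point of the reply above, as an added example that is not part of the original thread: ECB output repeats for the same key and plaintext no matter what SecureRandom is passed in, while CBC with a fresh random IV does not, and storing the IV in front of the ciphertext keeps the value decryptable. It assumes the JDK's default provider and the transformation names AES/CBC/PKCS5Padding and AES/ECB/PKCS5Padding instead of the thread's BC Rijndael/PKCS7Padding setup; the class name, key and card number are constructed for the example.

```java
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

public class CbcIvExample {
    private static final int IV_LEN = 16; // AES block size in bytes
    private static final SecureRandom RANDOM = new SecureRandom();

    // Encrypt with a fresh random IV; return Base64(IV || ciphertext) so the IV is saved.
    static String encrypt(SecretKey key, String input) throws Exception {
        byte[] iv = new byte[IV_LEN];
        RANDOM.nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] ct = cipher.doFinal(input.getBytes(StandardCharsets.UTF_8));
        byte[] out = Arrays.copyOf(iv, IV_LEN + ct.length); // IV first, zero-filled tail
        System.arraycopy(ct, 0, out, IV_LEN, ct.length);    // ciphertext after the IV
        return Base64.getEncoder().encodeToString(out);
    }

    // Split the stored value back into IV and ciphertext, then decrypt.
    static String decrypt(SecretKey key, String stored) throws Exception {
        byte[] in = Base64.getDecoder().decode(stored);
        if (in.length < 2 * IV_LEN || in.length % IV_LEN != 0) {
            throw new IllegalArgumentException("not IV || CBC ciphertext");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(in, 0, IV_LEN));
        return new String(cipher.doFinal(in, IV_LEN, in.length - IV_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();   // constructed test key
        String pan = "4111111111111111";    // constructed sample value
        // ECB as in the original post: no IV, so the SecureRandom changes nothing.
        Cipher ecb = Cipher.getInstance("AES/ECB/PKCS5Padding");
        ecb.init(Cipher.ENCRYPT_MODE, key, RANDOM);
        byte[] e1 = ecb.doFinal(pan.getBytes(StandardCharsets.UTF_8));
        byte[] e2 = ecb.doFinal(pan.getBytes(StandardCharsets.UTF_8));
        System.out.println("ECB outputs equal: " + Arrays.equals(e1, e2));
        String c1 = encrypt(key, pan), c2 = encrypt(key, pan);
        System.out.println("CBC outputs equal: " + c1.equals(c2));
        System.out.println("round trip ok:     " + pan.equals(decrypt(key, c1)));
    }
}
```

CBC on its own gives confidentiality only; a stored value that has been modified is not reliably detected on decryption.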

Re: SecureRandom provider?

nefilim
I was _just_ thinking about that, swear! Doh! *blush*

Thanks,
Peter
