Pages

This tutorial covers the basics of the science of cryptography. It explains how programmers and network professionals can use cryptography to maintain the privacy of computer data. Starting with the origins of cryptography, it moves on to explain cryptosystems, various traditional and modern ciphers, public key encryption, data integration, message authentication, and digital signatures.

Sunday, 19 April 2020

[SOLVED] java.io.IOException: keystore password was incorrect

PROBLEM
Exception in thread "main" java.io.IOException: keystore password was incorrect
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2059)
at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:238)
at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
at java.security.KeyStore.load(KeyStore.java:1445)
at getprivatekeyfrompkcs12.GetPrivateKeyFromPKCS12.main(GetPrivateKeyFromPKCS12.java:21)

Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.

SOLVED
you must enter the passphrase correctly.

Friday, 17 April 2020

ANALYSIS OF HARDWARE SECURITY MODULE UTILIZATION FOR CERTIFICATION AUTHORITY SERVICES

  ANALYSIS OF HARDWARE SECURITY MODULE UTILIZATION FOR CERTIFICATION AUTHORITY SERVICES 

zaenal suhardono

The reliability of the development and application of information technology must be guaranteed so therefore it is always ready to use in accordance with the level of service required, as well as the level of data security has to be in accordance with laws and regulations. Security is an absolute aspect in the implementation of digital certification to build trust within users. However, the higher level of security applied to a system will reduce the system's performance. Therefore, the writer conducted a research on the security analysis of utilizing HSM and tested the performance of digital certificate issuance with and without HSM. Security analysis shows that the utilization of HSM can increase a higher level of security since it provides physical and logical security when generating, storing and using the private keys. In addition, with its anti-tamper feature, private keys are protected so they will not presented outside the HSM in a plain state. Therefore, keys are safe from unauthorized parties. The performance test shows that generation of keys using HSM takes 306,6 ms, which is 163,8 ms slower without HSM.


Wednesday, 15 April 2020

Java Cryptography : Encrypt and Decrypt Video Using AES 256 Java

I wrote a sample program to encrypt and decrypt a video file. 

public static String initVector = "1234567812345678";

//Method Encrypt Video   
  public static void encrypt(String key, String filePath, String outPath) throws FileNotFoundException, IOException {
        try {
            IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8"));
            SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");

            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

            cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);

            try (FileInputStream fis = new FileInputStream(filePath)) {

                FileOutputStream fos = new FileOutputStream(outPath);
                // Write bytes
                try (CipherOutputStream cos1 = new CipherOutputStream(fos, cipher)) {
                    // Write bytes
                    int b;
                    byte[] d = new byte[8];
                    while ((b = fis.read(d)) != -1) {
                        cos1.write(d, 0, b);
                        
                    }
                    // Flush and close streams.
                    cos1.flush();
                }
            }

        } catch (UnsupportedEncodingException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException ex) {

            System.out.print(ex.getMessage());
        }
    }

//Method Decrypt Video    
public static void decrypt(String key, String outPath, String inPath) throws FileNotFoundException, IOException {
        try {
            IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8"));
            SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES");

            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");

            cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);

            FileInputStream fis = new FileInputStream(outPath);

            CipherInputStream cis1;
            try (FileOutputStream fos = new FileOutputStream(inPath)) {
                cis1 = new CipherInputStream(fis, cipher);
                //     CipherInputStream cis2 = new CipherInputStream(fis, cipher2);
                int b;
                byte[] d = new byte[8];
                while ((b = cis1.read(d)) != -1) {
                    fos.write(d, 0, b);
                }   fos.flush();
            }
            //     CipherInputStream cis2 = new CipherInputStream(fis, cipher2);
            cis1.close();

        } catch (UnsupportedEncodingException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | InvalidAlgorithmParameterException ex) {

            System.out.print(ex.getMessage());
        }

    }

//Main Class     public static void main(String[] args) throws Exception {
        String key = "uxjdNijiyJDyOJ3RuxjdNijiyJDyOJ3";

        System.out.print("ENCRYPTION :");

        encrypt(key, "C:\\Users\\CRYPTOGRAPHY\\Documents\\EncryptFileAES.mp4", "C:\\Users\\CRYPTOGRAPHY\\Documents\\Encrypted.enc");
        System.out.println("DONE");
        
        
        System.out.print("DECRYPTION :");
        decrypt(key, "C:\\Users\\CRYPTOGRAPHY\\Documents\\Encrypted.enc", "C:\\Users\\CRYPTOGRAPHY\\Documents\\DecrypFile.mp4");
        System.out.println("DONE");
    }


Tuesday, 14 April 2020

[SOLVED] Invalid AES key length: 31 bytes

PROBLEM :
Invalid AES key length: 31 bytes

CAUSE
key length AES256 must 32 bytes

SOLVED
Edit key until key length 32 bytes

Friday, 10 April 2020

(SOLVED) MessageDigest.getInstance("SHA256") java.security.NoSuchAlgorithmException: SHA256

PROBLEM :
MessageDigest.getInstance("SHA256") java.security.NoSuchAlgorithmException: SHA256 MessageDigest not available

java.security.NoSuchAlgorithmException: SHA256 MessageDigest not available
 at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
 at java.security.Security.getImpl(Security.java:730)
 at java.security.MessageDigest.getInstance(MessageDigest.java:167)

SOLVED : 

Rename MessageDigest.getInstance("SHA256")  with MessageDigest.getInstance("SHA-256")

Tuesday, 10 March 2020

Command Generate Certificate Signing Request (CSR) with Openssl

openssl req -nodes -newkey rsa:2048 -keyout example.key -out example.csr -subj "/emailAddress=testing@test.id/C=ID/O=Personal/CN=testing123"

Return --> example.key
-----BEGIN PRIVATE KEY-----MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC+GY97PIu37Nmo1xCvzQp7z53S2OtmKV2c1VdthSze03Ce9Fal9Wg4Y17uo3znnYdRESKBzBPEBjVuFiv7tEf+VC2osfgD83rvIIFOjzQMozdyX6JWitmce8x+P+be1vKE3+HlG5z6r1zGuORC3YNDaSp0rzuMZRo+wi053zLVngI1hXWV2u3XDCz2ghEd6jl/8FN7Pe64JaYVz8uUlh6zwK//wJ5dn/1r6kFX+AJhYLrTJUxBl9Toq/euQUbNp8h7vnyQWbgFF/sC1JQ6q+LjrHqN61ullzMK4kCGO8TfskuRYBEJR5v4amT5ql7UDzjPeiqNXbTYalWTa1Ld//dLAgMBAAECggEATujFSl6DkMFcSF2dq5vtMh+oX5FzhWC+Xw+fzvJtAcG7CgBax2Dq9h0plt1+R5Z4SQpXzJEt0zzQiPXjJARdrhC7Mz9MuDclXIWdp0KCVIybw3o3JL1WP0KUTAOyjeWjncxhNH0V2GlalZLCDY9toVnSKcVjbo+5KTvpEhC4RTsuMma2gG2+3NvEThwNjgqCb+FARGhTGM8Ek13z5v3a5Z4Bo1QUqE2K+7gHzMbgcBvte05Ysp6NTaDA3nE7NsFfbcN6kBM4UV4cy4YuBV3O66ICuERkmnh703xg7WyAfCpzNU7Topl0AVvmzsT4spIZp6Js3JW8e8Gf3Zc/h3SGoQKBgQDp42WChFurMfyIxed1IyNwuSqiuiwskys0MJnvd/Y7lS7KBWF0Kn+VOJCRq77vwOtZG2Y0qJXiqKEXimrl8QWJ2c5jDGAwOUcdTFx4fq5khrcj1CO6eOxQ5H4AoLu97Gp/BgZvvjrNct5cCKU+8LusjvcFjp/hivT6oGOnDVpjxwKBgQDQEmOe1a6yAGRv0BZz/A5C009OdOCabAaNbS93toYyqTH1BaXktbjTA+5pk54qnS4mI3DCmBLZGpuCKBvZWjzuRqrfs8ziR+WpVofT9Mr52fUD99vpAVT2vXuVXQlAC9Uvu2YxhaXLhYKfe4FYuyLzVfeaS55iehTYkQUQN5iIXQKBgCEVLyiU/Dps6aGXDLQ+8iZhqqw11UXA012gekWrHEM1SNb+h9hcootC4wAX4Pwct610+LH+HqVe4Nppk9FOlE/5ZP4RpBFuKKb2RCYvFQ/XFlSVDzCzJgoTJ9eC5Mtqg23QNlzb9YlV9Cnkdys99e3kkwBQOkE23IwO38mjU+PFAoGAFns2Kk46Lt9d+rrIAkYkoFHGitqT/ftYBeXbMBsXite/HxM6JmkADESreNrLRx1uhA5mO5BE0RJP5RNCVwyp8rDN+5eotnZAOTixOlSDrdU/5Ord5uIO9Q3qEWxY+IOOyDZ+RzGChWfqgiLNCfJGR3ZtZ01uUoOQRwn8OxFWuL0CgYB6jZF79Xlr/uBOsblElg0YOlWRqlQwWnDKodbftjDB90Qe3j8qW2qs8IPqEThYXkwSpVDAEaJC/Xtx4TKIzxSmVisHOu0hwJfNAGev7wsWZj+20lujMq3MWEKVqP16zO5asAlnJFBbmauCsb+60Rfe31Z/0sVNaj3I1an6rv/l2Q==-----END PRIVATE KEY-----
Return example.csr

-----BEGIN CERTIFICATE REQUEST-----MIIClzCCAX8CAQAwUjEfMB0GCSqGSIb3DQEJARYQdXNlcjUyQHRpbGFrYS5pZDELMAkGA1UEBhMCSUQxETAPBgNVBAoMCFBlcnNvbmFsMQ8wDQYDVQQDDAZ1c2VyNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+GY97PIu37Nmo1xCvzQp7z53S2OtmKV2c1VdthSze03Ce9Fal9Wg4Y17uo3znnYdRESKBzBPEBjVuFiv7tEf+VC2osfgD83rvIIFOjzQMozdyX6JWitmce8x+P+be1vKE3+HlG5z6r1zGuORC3YNDaSp0rzuMZRo+wi053zLVngI1hXWV2u3XDCz2ghEd6jl/8FN7Pe64JaYVz8uUlh6zwK//wJ5dn/1r6kFX+AJhYLrTJUxBl9Toq/euQUbNp8h7vnyQWbgFF/sC1JQ6q+LjrHqN61ullzMK4kCGO8TfskuRYBEJR5v4amT5ql7UDzjPeiqNXbTYalWTa1Ld//dLAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAR39Iy8jB8ZVrUKxddD3BndF3tjL+X0WnW7hnwQnCpOYoEy/IfkppJhK09AhG62yryGcc+WJFwWz2mFytG28HvB2dVentO6MwUUHJ0K2AFFKphU0LHCs1hXzsuPqKGIBbxkxmaNW/Omozy8asvkiEQl9qZPjWpeROBRXQtDYfhR0VXSSB51rmK7Vc4J0t3VlMyPgNav+JewoygspkSYOCxJ4IcsHSQ0ATuLu52+6DfLhJ42ukocyRnSiUp8WYDRwK+yCPkqojtjhS19xb0v85Lz7OgHy62xXRmWiBR6SZmNSYaafzzwFkS5QfQ2eZnIGubas+u6uRVuSKkJPWH/ga1g==-----END CERTIFICATE REQUEST-----



Monday, 11 November 2019

Implementation of Advanced Encryption Standard Algorithm with Key Length of 256 Bits for Preventing Data Loss in an Organization

Data and network security is one among the foremost necessary factors in today’s business world. In recent, businesses and firms like financial institutions, law firms, schools, health sectors, telecommunications, mining and a number of government agencies want a strategic security technique of managing its data. Organizations managing bigger monetary information, bio-data and alternative relevant info are losing its valuable information or data at rest, in usage or in motion to unauthorized parties or competitors as a result of activities of hackers. Organizations are losing millions of dollars as a result of unprotected data that gets into the hands of malicious persons. Data protection in an organization has become vital in today’s business. In order to possess secure information, this information should be protected in order that although malicious persons get access to the info, it becomes wealthless and useless to them. Advanced Encryption Standard (AES), could be a scientific discipline rule that may be used for secured data and communication in an organization, it uses same key that's isobilateral key for transmission additionally as reception. The AES rule is capable of using cryptographic keys of 128, 192, and 256 bits, this paper implement AES block cipher of 256-bits and 256-bit key size, developed with C# as a front-end client machine and MS SQL used for the database as a back-end machine.

Keywords: Cryptography; AES algorithm; Decryption; Encryption; Cipher; 256-bit-key

Sunday, 10 November 2019

Implementation of 128, 192 & 256 bits Advanced Encryption Standard on Reconfigurable Logic

Implementation of 128, 192 & 256 bits Advanced Encryption Standard on Reconfigurable Logic
Monika Gupta1 , Swapnil Mahto 2 , Ambresh Patel 3
M.tech Scholar1, Assistant Professor 2, Assistant Professor 3
Sri Satya Sai College of Engineering Bhopal M.P. India
Abstract - Advanced encryption standard is adopted by NIST to replace data encryption standard, which was affected by several attacks. In this paper implementation of all three modes namely 128, 192 and 256 of advanced encryption standard is discussed for reconfigurable logic. All these modes are implemented using four design architectures namely: 2 stage sequential, 3 stage sequential , combinational and pipelined.
Keywords - Advanced encryption standard, Sequential, combinational, pipelined, encryption,
cryptography

Source:http://www.ijettjournal.org/