Menu
It seems to be confusing Triple-DES (>128bit) with plain DES (64bit). I'm trying to encrypt a Derby database with Triple DES (or DESede) using Java 1.5
I found this discussion forum message about a problem with JDK 1.5 by chance and so checked to make sure that it really was using DESede and not plain DES. When I created the database with a Triple DES (168bit) URL
jdbc:derby:MySecureDB;dataEncryption=true;encryptionAlgorithm=DESede/CBC/NoPadding;bootPassword=$ecureC@deCanBr@kE0074242
I was still able to open it and access it with the (plain) DES (64bit) URL
jdbc:derby:MySecureDB;dataEncryption=true;encryptionAlgorithm=DES/CBC/NoPadding;bootPassword=$ecureC@deCanBr@kE0074242
This is not the behavior I expect!!! I should not be able to open it with the wrong encryption algorithm. How can I make sure it really encrypts it with the right (>128bit) algorithm?
Derby seems to use the right function for Java 1.5 mentioned in JCECipherProvider.java. My reading of the code indicates that Derby does not handle Triple DES as different from plain DES... Can I really trust that it is using strong encryption?
948
Part of what Triple DES does is to protect against brute force attacks. The original DES symmetric encryption algorithm specified the use of 56-bit keys -- not enough, by 1999, to protect against practical brute force attacks. Triple DES specifies the use of three distinct DES keys, for a total key length of 168 bits.
3DES is an encryption cipher derived from the original Data Encryption Standard (DES). 3DES was first introduced in 1998, the algorithm is primarily adopted in finance and other private industry to encrypt data-at-rest and data-in-transit.
History. In 1978, a triple encryption method using DES with two 56-bit keys was proposed by Walter Tuchman; in 1981 Merkle and Hellman proposed a more secure triple key version of 3DES with 112 bits of security.
Without the key, the 112-bit 3DES cannot be decrypted. Unless you have a means to steal the shared key, even the most powerful brute-force engines currently available will take longer than the planet's expected lifespan to find the key.
I believe that the documentation is wrong, and that you do not actually need to specify the encryption algorithm to use when using a non-default algorithm, since the algorithm that should be used is specified in $DERBY_HOME/database/service.properties
In my case, when I created a database with your parameters my service.properties had the following contents (amongst other non-relevant entries):
log_encrypt_algorithm_version=1
encryptionAlgorithm=DESede/CBC/NoPadding
dataEncryption=true
derby.encryptionBlockSize=8
encryptionKeyLength=168-24
encryptedBootPassword=472b7cc5600605333392dd10a46067d2e2935fd4c350d533-43435
data_encrypt_algorithm_version=1
You can verify that this is used, by changing the algorithm used. If you change the specified algorithm in that file to DES, then you will not be able to restart the database.
For example:
$ ../bin/ij
ij version 10.4
ij> connect 'jdbc:derby:testdb;create=true;dataEncryption=true;encryptionAlgorithm=Blowfish/ECB/NoPadding;bootPassword=$ecureC@deCanBr@kE0074242';
ij> quit;
$ sed -i .o 's/Blowfish/DES/' testdb/service.properties
$ ../bin/ij
ij version 10.4
ij> connect 'jdbc:derby:testdb;bootPassword=$ecureC@deCanBr@kE0074242';
ERROR XJ040: Failed to start database 'testdb', see the next exception for details.
ERROR XBM06: Startup failed. An encrypted database cannot be accessed without the correct boot password.
ij> quit;
$ sed -i .o 's/DES/Blowfish/' testdb/service.properties
$ ../bin/ij
ij version 10.4
ij> connect 'jdbc:derby:testdb;bootPassword=$ecureC@deCanBr@kE0074242';
ij> quit;
$
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
