Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Image encryption/decryption using AES256 symmetric block ciphers [closed]

Tags:

java

android

cryptography

encryption

aes

Is there any good example of how to encrypt and decrypt image and other files with AES on Android?

like image 732
hardartcore Avatar asked Jul 22 '11 09:07

hardartcore

People also ask

Has AES 256 been broken?

AES, which typically uses keys that are either 128 or 256 bits long, has never been broken, while DES can now be broken in a matter of hours, Moorcones says. AES is approved for sensitive U.S. government information that is not classified, he adds.

Can aes256 be decrypted?

Brute-force attacks on a 256-bit key are impossible (physically impossible, actually). However, mathematical weaknesses in AES could be discovered in the future (or could already have been discovered and kept secret) that would make it feasible to decrypt AES-encrypted data without the key.

What is AES encryption and how does it work?

The AES Encryption algorithm (also known as the Rijndael algorithm) is a symmetric block cipher algorithm with a block/chunk size of 128 bits. It converts these individual blocks using keys of 128, 192, and 256 bits. Once it encrypts these blocks, it joins them together to form the ciphertext.

Is AES 256 still secure in 2021?

AES-256 is definitely secure for file storage. The only weakness is the key that you choose. As long as you choose a strong key for it, AES-256 will keep your files safe.

2 Answers

Warning: This answer contains code you should not use as it is insecure (using SHA1PRNG for key derivation and using AES in ECB mode)

Instead (as of 2016), use PBKDF2WithHmacSHA1 for key derivation and AES in CBC or GCM mode (GCM provides both privacy and integrity)

You could use functions like these:

private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {     SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");     Cipher cipher = Cipher.getInstance("AES");     cipher.init(Cipher.ENCRYPT_MODE, skeySpec);     byte[] encrypted = cipher.doFinal(clear);     return encrypted; }  private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception {     SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");     Cipher cipher = Cipher.getInstance("AES");     cipher.init(Cipher.DECRYPT_MODE, skeySpec);     byte[] decrypted = cipher.doFinal(encrypted);     return decrypted; }

And invoke them like this:

ByteArrayOutputStream baos = new ByteArrayOutputStream();   bm.compress(Bitmap.CompressFormat.PNG, 100, baos); // bm is the bitmap object    byte[] b = baos.toByteArray();    byte[] keyStart = "this is a key".getBytes(); KeyGenerator kgen = KeyGenerator.getInstance("AES"); SecureRandom sr = SecureRandom.getInstance("SHA1PRNG"); sr.setSeed(keyStart); kgen.init(128, sr); // 192 and 256 bits may not be available SecretKey skey = kgen.generateKey(); byte[] key = skey.getEncoded();      // encrypt byte[] encryptedData = encrypt(key,b); // decrypt byte[] decryptedData = decrypt(key,encryptedData);

This should work, I use similar code in a project right now.

like image 131
Nacho L. Avatar answered Oct 04 '22 18:10

Nacho L.

As mentioned by Nacho.L PBKDF2WithHmacSHA1 derivation is used as it is more secured.

import android.util.Base64;  import java.security.NoSuchAlgorithmException; import java.security.spec.InvalidKeySpecException; import java.security.spec.KeySpec;  import javax.crypto.Cipher; import javax.crypto.SecretKeyFactory; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.SecretKeySpec;  public class AESEncyption {      private static final int pswdIterations = 10;     private static final int keySize = 128;     private static final String cypherInstance = "AES/CBC/PKCS5Padding";     private static final String secretKeyInstance = "PBKDF2WithHmacSHA1";     private static final String plainText = "sampleText";     private static final String AESSalt = "exampleSalt";     private static final String initializationVector = "8119745113154120";      public static String encrypt(String textToEncrypt) throws Exception {          SecretKeySpec skeySpec = new SecretKeySpec(getRaw(plainText, AESSalt), "AES");         Cipher cipher = Cipher.getInstance(cypherInstance);         cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(initializationVector.getBytes()));         byte[] encrypted = cipher.doFinal(textToEncrypt.getBytes());         return Base64.encodeToString(encrypted, Base64.DEFAULT);     }      public static String decrypt(String textToDecrypt) throws Exception {          byte[] encryted_bytes = Base64.decode(textToDecrypt, Base64.DEFAULT);         SecretKeySpec skeySpec = new SecretKeySpec(getRaw(plainText, AESSalt), "AES");         Cipher cipher = Cipher.getInstance(cypherInstance);         cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(initializationVector.getBytes()));         byte[] decrypted = cipher.doFinal(encryted_bytes);         return new String(decrypted, "UTF-8");     }      private static byte[] getRaw(String plainText, String salt) {         try {             SecretKeyFactory factory = SecretKeyFactory.getInstance(secretKeyInstance);             KeySpec spec = new PBEKeySpec(plainText.toCharArray(), salt.getBytes(), pswdIterations, keySize);             return factory.generateSecret(spec).getEncoded();         } catch (InvalidKeySpecException e) {             e.printStackTrace();         } catch (NoSuchAlgorithmException e) {             e.printStackTrace();         }         return new byte[0];     }  }
like image 34
Abiranjan Avatar answered Oct 04 '22 16:10

Abiranjan
Sign in to Comment

Related questions

How to get year, month, day, hours, minutes, seconds and milliseconds of the current moment in Java?
Import package.* vs import package.SpecificType [duplicate]
java.net.UnknownHostException: Unable to resolve host "<url>": No address associated with hostname and End of input at character 0 of
Ignoring SSL certificate in Apache HttpClient 4.3
Is .NET/Mono or Java the better choice for cross-platform development? [closed]
Subscript and Superscript a String in Android
How can a Java variable be different from itself?
What is the difference between @ApplicationScoped and @Singleton scopes in CDI?
How to make ThreadPoolExecutor's submit() method block if it is saturated?
When to use wrapper class and primitive type
JSF vs Facelets vs JSP [duplicate]
Meaning of Android Studio error: Not annotated parameter overrides @NonNull parameter
Gets byte array from a ByteBuffer in java
What are the main uses of yield(), and how does it differ from join() and interrupt()?
How does the static modifier affect this code?
Android "gps requires ACCESS_FINE_LOCATION" error, even though my manifest file contains this
JUnit 4 compare Sets
How to create a new file together with missing parent directories?
How to find an object in an ArrayList by property
What are the benefits of Java's types erasure?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!