
invalid AES key length error

This code gives an invalid AES key length error. How can I correct it? (I want 128-bit key AES encryption.)

package org.temp2.cod1;
import java.security.*;

import javax.crypto.*;
import javax.crypto.spec.*;
import java.io.*;

public class Code1 {

    public static void main(String[] args) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
    String s = "9882623867";
    byte[] plaintext = s.getBytes("UTF-16");
    String s2 = "supernova";
    byte[] key = s2.getBytes("UTF-16");
    Cipher c = Cipher.getInstance("AES");
    SecretKeySpec k =  new SecretKeySpec(key, "AES");
    c.init(Cipher.ENCRYPT_MODE, k);
    byte[] encryptedData = c.doFinal(plaintext);
    System.out.println(encryptedData);
}
}

Any help appreciated.

silverkid asked Nov 19 '09 03:11




3 Answers

Use a SecretKeyFactory to derive key bytes from a password. You can see a detailed example here. Note that you'll need to specify a key length of 128 bits instead of 256 bits as shown in that example.

The next problem that you will run into is that you have not specified a padding scheme. Unless your messages are a multiple of 16 bytes (the AES block size), that will raise an error. Use PKCS5Padding as shown in the example.

Use of CBC mode on the cipher will require a new initialization vector to be chosen for each message. This unique IV must be sent along with the encrypted message to the recipient.

Trying to perform cryptography without a thorough understanding of the concepts raised here (and a lot more) is likely to result in an insecure system.

erickson answered Sep 22 '22 08:09


You can't typically use any arbitrary key length (such as you're doing here with "supernova") for a block cipher like AES. You must use a supported key length (128, 192, 256, etc) appropriate for your algorithm of choice.

One common way to do this is to hash your passphrase (e.g., via SHA) and extract the first N bytes. This is better anyhow, as it allows you to "salt" your password with an initialization value such that no two users' "keys" are identical even if their passphrases are the same. If you're really interested in this stuff, the seminal work is Applied Cryptography by Bruce Schneier.

For practical implementation details, see

DarkSquid answered Sep 18 '22 08:09


You can get this error when the key you're trying to use isn't the right length.

So in pseudocode, you're trying something like this:

String key = "123";
SecretKeySpec k =  new SecretKeySpec(key, "AES");

but the key is too short - it needs to be something like, say 31 characters long.

So check your key value -> it's probably stored somewhere incorrectly.

Brad Parks answered Sep 18 '22 08:09