 

What is PBEWithMD5AndDes?

I am learning encryption algorithms in Java and stumbled upon this algorithm:

  SecretKey key = SecretKeyFactory.getInstance(
                    "PBEWithMD5AndDES").generateSecret(keySpec);

I know it stands for Password Based Encryption with MD5 and DES algorithms. I know MD5 and DES are two separate algorithm encryption keys, but what exactly does PBEWithMD5AndDes mean as an algorithm?

There aren't many resources online that give a good explanation regarding this "algorithm".

I was hoping someone could give a simple and brief explanation about how this is different from a normal MD5 or normal DES algorithm.

asked Jan 11 '19 09:01

Daredevil


People also ask

What is PBEWithMD5AndDES algorithm?

PBEWithMD5AndDES: The PBES1 password-based encryption algorithm as defined in PKCS #5: Password-Based Cryptography Specification, Version 2.1. Note that this algorithm implies CBC as the cipher mode and PKCS5Padding as the padding scheme and cannot be used with any other cipher modes or padding schemes.

What is PBE MD5?

PBE with MD5 and DES is a cryptographic method using the Message Digest 5 (MD5) and Data Encryption Standard (DES) algorithms. MD5 is the message digest algorithm developed by Ronald Rivest in 1991. MD5 takes messages of any length and generates a 128 bit message digest.

What is PBES2?

6.2 PBES2: PBES2 combines a password-based key derivation function, which shall be PBKDF2 (Section 5.2) for this version of PKCS #5, with an underlying encryption scheme (see Appendix B.2 for examples). The key length and any other parameters for the underlying encryption scheme depend on the scheme.

What is StandardPBEStringEncryptor?

StandardPBEStringEncryptor enables a user to specify the algorithm (and provider) to be used for encryption, the password to use, the number of hashing iterations and the salt generator that will be applied for obtaining the encryption key. PooledPBEStringEncryptor is an enhanced version of StandardPBEStringEncryptor.


1 Answer

Extending the previous answer

what exactly does PBEWithMD5AndDes means as an algorithm?

PBE is using an encryption key generated from a password, random salt and number of iterations, see the KeySpec parameters.

KeySpec pbeSpec = new PBEKeySpec(password.toCharArray(), psswdSalt, PBKDF_INTERATIONS, SYMMETRIC_KEY_LENGTH);

The idea is - passwords tend to be short and not random enough, so they are easy to guess. Using a number of iterations should make the guessing somewhat harder.

PBEWithMD5AndDes is using MD5 and DES to generate the key, see the example code. A real-life implementation should use a much higher number of iterations.

How does that differ with just using MD5 or just DES? That's what I would like to know.

In theory - you may use pure MD5 or DES, but today's computers could guess the passwords very fast.

Please note DES and MD5 are obsolete today. An MD5 collision can be found in under a minute on commodity hardware, and DES is using a 64 bit key, which is pretty short to be considered secure today.

answered Oct 20 '22 04:10

gusto2
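
What the algorithm name expands to, as an added example that is not part of the original answer or of any code it links to: PBKDF1 with MD5 turns the password and salt into 16 bytes, of which the first 8 become the DES key and the last 8 the CBC IV. The class name, password, salt and iteration count are constructed for illustration, and the comparison assumes the SunJCE provider that ships with OpenJDK.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class Pbes1Demo {
    // PBKDF1 (PKCS #5): hash password || salt with MD5, then re-hash the result
    // until `iterations` hashes have been applied in total.
    static byte[] pbkdf1Md5(byte[] password, byte[] salt, int iterations) throws Exception {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        md5.update(password);
        md5.update(salt);
        byte[] dk = md5.digest();
        for (int i = 1; i < iterations; i++) {
            dk = md5.digest(dk);
        }
        return dk; // 16 bytes: 8 for the DES key, 8 for the CBC IV
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values. The salt is fixed only to make the run
        // repeatable; real code draws 8 random bytes from SecureRandom.
        char[] password = "correct horse".toCharArray();
        byte[] salt = {1, 2, 3, 4, 5, 6, 7, 8};
        int iterations = 1000;
        byte[] plaintext = "hello PBES1".getBytes(StandardCharsets.UTF_8);

        // 1) The JCE route from the question: password-based key plus PBE cipher.
        SecretKey pbeKey = SecretKeyFactory.getInstance("PBEWithMD5AndDES")
                .generateSecret(new PBEKeySpec(password));
        Cipher pbe = Cipher.getInstance("PBEWithMD5AndDES");
        pbe.init(Cipher.ENCRYPT_MODE, pbeKey, new PBEParameterSpec(salt, iterations));
        byte[] viaJce = pbe.doFinal(plaintext);

        // 2) The same steps by hand: MD5-based PBKDF1, then plain DES in CBC mode.
        byte[] pw = new String(password).getBytes(StandardCharsets.US_ASCII);
        byte[] dk = pbkdf1Md5(pw, salt, iterations);
        SecretKey desKey = new SecretKeySpec(Arrays.copyOfRange(dk, 0, 8), "DES");
        Cipher des = Cipher.getInstance("DES/CBC/PKCS5Padding");
        des.init(Cipher.ENCRYPT_MODE, desKey, new IvParameterSpec(Arrays.copyOfRange(dk, 8, 16)));
        byte[] byHand = des.doFinal(plaintext);

        System.out.println("identical ciphertext: " + Arrays.equals(viaJce, byHand));
    }
}
```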