Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why PBE generates same key with different salt and iteration count?

Tags:

iteration

passwords

key

salt

I am trying to test PBE encryption/decryption. I found that PBE generates same key with different salt and iteration count. Of course, the password used is same. As what I understand, same password and different salt/iteration should get different keys. Below is my test code:

import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PBETest
{
    public static void main(String[] args)
        throws Exception
    {
        String algo = "PBEWithSHA1andDESede";
        System.out.println("====== " + algo + " ======");

        char[] password = "password".toCharArray();
        SecureRandom rand = new SecureRandom();
        byte[] salt = new byte[32];
        rand.nextBytes(salt);
        int iterationCount = rand.nextInt(2048);

        //encryption key
        PBEKeySpec          encPBESpec = new PBEKeySpec(password, salt, iterationCount);
        SecretKeyFactory    encKeyFact = SecretKeyFactory.getInstance(algo);
        Key encKey = encKeyFact.generateSecret(encPBESpec);
        System.out.println("encryptioin iteration: " + iterationCount);

        //decryption key
        rand.nextBytes(salt);
        iterationCount = rand.nextInt(2048);
        PBEKeySpec          decPBESpec = new PBEKeySpec(password, salt, iterationCount);
        SecretKeyFactory    decKeyFact = SecretKeyFactory.getInstance(algo);
        Key decKey = decKeyFact.generateSecret(decPBESpec);
        System.out.println("decryptioin iteration: " + iterationCount);

        System.out.println("encryption key is same as decryption key? " + encKey.equals(decKey));

    }

}

I am expecting the final output is a false. Did I do anything wrong?

like image 619
Michael Avatar asked Jul 26 '12 10:07

Michael

1 Answers

You got spectacularly lucky, and your random salts and iteration counts just happened to match. Go directly to Las Vegas. Now. ;)

I googled for PBEWithSHA1andDESede and tracked down this example: http://cryptofreek.org/2010/06/04/encrypting-and-decrypting-files-with-java wherein he specifies the key alone with new PBEKeySpec(password) and creates a separate PBEParameterSpec using the salt and iteration count which is then passed to Cipher.init().

So, no, you did nothing wrong, you just stopped before the salt and count got stuffed into the cipher.

like image 73
tbroberg Avatar answered Nov 03 '22 00:11

tbroberg
Sign in to Comment

Related questions

Why doesn't OWASP recommend to bcrypt the password both on the client and the server?
How can I change the dots to another character on password field in iOS Swift
Storing passwords with python
Using ruby to generate SHA512 crypt-style hashes formatted for /etc/shadow?
Wordpress password reset hook
Password authentication fails with complex password
cefsharp app remember password option
expect, interact and then again expect
Sensitive data in java heap dumps
Probability of 3-character string appearing in a randomly generated password
Is this password generator biased? [closed]
How to zip file with password (AES) for iOS and Android? [closed]
Generate unique random alphanumeric characters that are 7 characters long
Drupal 6 user password import to Drupal 7
Regular Expression matching at least n of m groups
TextBox Password Char
Best way to store passwords in a mysql database? [duplicate]
Cakephp Password Protection with htaccess and htpasswd - howto?
i *must* store third party credentials in my database. best way?
Does this mean my university is storing passwords insecurely?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!