6

I have some text that is in a file. I want to encrypt this file so that an end user can not read or write to this file, but the application can read it. There can be a stored secret in the application because it is being secured in another way.

What type of Encryption support these requirements?

I was thinking of AES. I do not know much about encryption, and was looking for a starting point. An algorithm or a framework suggestion would be great.

One last note, the code is in Java running on a Windows and Linux environment.

Improve this question

3 Answers 3

Reset to default
5

Since you've tagged the post as "Java" - I'd recommend looking at the "Java Cryptography Extension" (JCE). Since J2SE 1.4 it's been bundled with the SDK and JRE.

And of course, a requisite example and overview of using AES in the JCE.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

If the application can read it, the application has a key in it. And if the application has a key in it, a sufficiently energetic user can find that key and use it for themselves. Or spy on memory and see the decrypted version.

Improve this answer

2 Comments

Actually, we use something call Software Shield on of product. It is a mini OS that wraps you application and obfuscates things like that so we can store keys on the software. It is some neat stuff.
Huile de serpent. 'Obscurity' is never really security, but on the other hand 'security' is a matter of how much you care and how much you care to spend. If some obscurity floats your boat, it floats your boat.
3

AES or RSA would be just fine. An important thing to notice though is that once your program decrypts data, a reverse engineer would easily recover the plaintext without any knowledge of the key or algorithm of encryption.

Improve this answer

13 Comments

I don't think RSA fits this problem at all.
If you had to pick one, what would you go for. I really dont know too much about encryption. I just want something that will be easy and fast to implement.
It doesn't matter so much because the decrypted data can be extracted whatsoever. I think i would probably pick AES, but if i wanted to be a bit more versatile i could include a dynamic library that would be responsible for handling the public key and doing the decryption. To do things fast use AES, for more versatility RSA.
-1. RSA isn't the proper algorithm for file encryption. can it be done - yes. RSA is a asymmetric encryption algorithm and is best suited for encrypting keys. Use AES or another symmetric block cypher and then if you need to transport the AES password/key, encrypt the key with RSA using the recipient's public key.
@SpyrosP - RSA was designed specifically to encrypt data blocks shorter than it's key length. The concept of public key cryptography was designed to transmit very small blocks of data (keys) over insecure channels. The max number of bytes that can be encrypted with RSA is calculated: ((KeySize - 384) / 8) + 37. Even if you could, the algorithm is too incredibly inefficient to be encrypting large files! I am not going out on a limb here, this is basic stuff. Don't take my word for it though, do some research. You can even start right here on SO: stackoverflow.com/q/1199058/573083
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.