encryption in Oracle, decryption in Java

Discussion in 'Java' started by schw, May 10, 2007.

  1. schw

    schw Guest

    Hi

    I encountered a problem not sure how to solve it. please help if
    possible.

    in oracle9 I do a simple encryption (using DES) that gives me the
    following RAW:

    F26D94ECDACDBD111584C7A8A9018A5C

    when decrypted I get 36463643363133313332333333343335 which is
    correct.

    However in java when I try decrypting the
    'F26D94ECDACDBD111584C7A8A9018A5C' I get this:

    3646364336313331c15fa7dfe9f98e24

    First 8 bytes are exactly the same, the other 8 bytes differ, why ?

    In Java I use the following code:

    Cipher dcipher = null;

    dcipher = Cipher.getInstance("DES/ECB/NoPadding");

    SecretKey myKey = new SecretKeySpec(_key, "DES");

    dcipher.init(_cryptMode, myKey);

    return dcipher.doFinal(_buffer);

    Obviously keys in both encryption and decryption are the same.

    Thanks for any hints.
     
    schw, May 10, 2007
    #1
    1. Advertising

  2. schw

    rossum Guest

    On 10 May 2007 07:16:58 -0700, schw <> wrote:

    >Hi
    >
    >I encountered a problem not sure how to solve it. please help if
    >possible.
    >
    >in oracle9 I do a simple encryption (using DES) that gives me the
    >following RAW:

    Why DES? AES is faster and more secure.

    >
    >F26D94ECDACDBD111584C7A8A9018A5C
    >
    >when decrypted I get 36463643363133313332333333343335 which is
    >correct.
    >
    >However in java when I try decrypting the
    >'F26D94ECDACDBD111584C7A8A9018A5C' I get this:
    >
    > 3646364336313331c15fa7dfe9f98e24

    This example is now insecure and must be changed in your production
    system.

    >
    >First 8 bytes are exactly the same, the other 8 bytes differ, why ?

    DES has a 8 byte blocksize. You are probably using different block
    cypher modes at each end so the decryption fails. Given that the
    first block decrypts correctly using ECB, it is possible that the
    Oracle encryption is CBC with a zero initialisation vector (IV).
    Decrypting that with ECB will give the effect you describe.

    >
    >In Java I use the following code:
    >
    >Cipher dcipher = null;
    >
    >dcipher = Cipher.getInstance("DES/ECB/NoPadding");

    ECB mode is not secure, I would be surprised if the Oracle code is
    using plain ECB. For a literal illustration of the insecurity of ECB
    see http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation

    Try changing to CBC mode:
    Cipher dcipher = Cipher.getInstance("DES/CBC/NoPadding");
    ^^^

    CBC mode is more common and more secure than ECB. As I said above,
    using ECB to decrypt CBC with a zero IV will give one block of
    plaintext followed by gibberish. Using a zero IV is somewhat
    insecure, but less insecure than ECB.

    You can also try any other modes that your Java implementation allows.
    If none of them work then try to find out what mode the Oracle
    encryption is using.

    Added: I have done a quick hand calculation for the first three bytes
    of the second block, my conjecture is probably correct - it looks as
    if Oracle is encrypting in CBC mode with a zero IV.

    rossum

    >
    >SecretKey myKey = new SecretKeySpec(_key, "DES");
    >
    >dcipher.init(_cryptMode, myKey);
    >
    >return dcipher.doFinal(_buffer);
    >
    >Obviously keys in both encryption and decryption are the same.
    >
    >Thanks for any hints.
     
    rossum, May 10, 2007
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Srinivasa Reddy K Ganji

    database connection string encryption and decryption

    Srinivasa Reddy K Ganji, Jul 18, 2003, in forum: ASP .Net
    Replies:
    1
    Views:
    724
    Gary Varga
    Jul 18, 2003
  2. Replies:
    2
    Views:
    1,629
    Sushant Bhatia
    May 3, 2005
  3. Replies:
    6
    Views:
    683
    DishanF
    Jan 12, 2005
  4. Aidan Diffey
    Replies:
    11
    Views:
    9,571
    Chris Uppal
    Oct 24, 2005
  5. dj_uncas
    Replies:
    12
    Views:
    19,891
    dj_uncas
    Nov 24, 2008
Loading...

Share This Page