Java encryption newbie (2)

[Marco A. Cruz Quevedo]

Hi everybody,

Finally, I have the following code:

.. . . . . . . . . . . . . . . . . . . . . . . . . . .

InputStream my_inStream = new FileInputStream("myown_b64.cer");
CertificateFactory my_cf = CertificateFactory.getInstance("X.509");
X509Certificate my_cert =
(X509Certificate)my_cf.generateCertificate(my_inStream);
System.out.println("Serial number:"+my_cert.getSerialNumber());

RSAPublicKey my_pubkey = (RSAPublicKey)my_cert.getPublicKey();
my_inStream.close();

String orig_message ="The original message";

Cipher my_cipher = Cipher.getInstance("RSA");
my_cipher.init(Cipher.ENCRYPT_MODE, my_cert);
byte[] scrambled = my_cipher.doFinal(orig_message.getBytes());

String encoded = Base64.encodeBytes(scrambled);

System.out.println("Message: "+orig_message);
System.out.println("\nEncrypted: "+encoded);

.. . . . . . . . . . . . . . . . . . . . . . . . . . .

The original message is constant and everytime I run the program, the
encrypted message is different. I tried with different length messages
and the encrypted message has same length. What is wrong? Is it
normal?.

Any help will be appreciated.

Best regards,

Marco

 

[Roedy Green]

The original message is constant and everytime I run the program, the
encrypted message is different. I tried with different length messages
and the encrypted message has same length. What is wrong? Is it
normal?.

It probably is normal. Most encryption algorithms add some "salt", a
random number to the beginning of the message. This way if you keep
sending the same message over and over, a snoop won't be able to tell
that is happening.

 

[Marco A. Cruz Quevedo]

It probably is normal.  Most encryption algorithms add some "salt", a
random number to the beginning of the message. This way if you keep
sending the same message over and over, a snoop won't be able to tell
that is happening.

Ok, I understand that this makes safer algorithm but, why different
length messages produce encrypted messages with same lenght?

Thank you for your response,

Regards,

Marco.

 

[Mike Schilling]

Ok, I understand that this makes safer algorithm but, why different
length messages produce encrypted messages with same lenght?

I'm not familiar with the algorithm you're using, but certainly disguising
the length of the original message is a good thing.

 

[Arne Vajhøj]

It probably is normal. Most encryption algorithms add some "salt", a
random number to the beginning of the message. This way if you keep
sending the same message over and over, a snoop won't be able to tell
that is happening.

Salt prefix is common in with hashing of passwords.

It is not common at all to be build into the fundamental
algorithms - neither encryption nor hashing.

Padding (suffixing) to multipla of N bytes is rather common.

Arne