encryption keysize restriction

[harryos]

hi
i tried to use 192 bit encryption like below

Cipher c = Cipher.getInstance("Blowfish/ECB/NoPadding");
// create a 192 bit secret key from raw bytes
SecretKey key192 = new SecretKeySpec(
new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,0x10, 0x11, 0x12, 0x13,
0x14, 0x15, 0x16, 0x17 },"Blowfish");
//try encrypting with the 192bit key
c.init(Cipher.ENCRYPT_MODE, key192);
c.doFinal(data);
System.out.println("192 bit test: passed");


....
the above code gives an invalid keysize error..I live outside U.S..and
am using java 1.6.0_05-b13 .so i don't know if i can use larger keys
for encryption..I read about 'unrestricted policy files' in some java
book..Is there such a policy file ?I couldn't find any on sun java
site

any help wd be most welcome
thanks
harry

 

[Ronny Schuetz]

the above code gives an invalid keysize error..I live outside U.S..and

am using java 1.6.0_05-b13 .so i don't know if i can use larger keys
for encryption..I read about 'unrestricted policy files' in some java
book..Is there such a policy file ?I couldn't find any on sun java
site

http://java.sun.com > JavaSE > Downloads > Other downloads (bottom of
the page).

Ronny

 

[harryos]

Plase do not ever use ECB mode unless you want the attacker to be
able to read your cyphertext.

Seehttp://www.bouncycastle.org/java.html

thanx rossum for the reply
I was going thru a book on cryptography using java..The book uses
Blowfish Encryption and ECB..they also mentioned the use of
unrestricted policy file.

I will keep your advice in mind and will use AES instead.
thanks again
harry

 

[Roedy Green]

...
the above code gives an invalid keysize error..I live outside U.S

This law is downright silly.

1. it is a US law, so it has no effect on people in other countries.

2. It prevents US corporations from selling encryption to
non-Americans. But all the US corporation is required to do, is ask
where the customer lives. If the customer lies, the US corporation is
off the hook.

3. All the cryptographic algorithms are published openly, so they can
all be recoded. The law does not protect any secrets.

4. With absolutely minimal effort non-Americans can get the software.

5. The law mainly has the effect of stimulating the Australian
cryptographic industry, sending corporate sales to them.

6. It is a politicians' law to spread a false fog of doing something.
It was framed by people with no understanding whatsoever of the
technology.

7. It allows Canadians to have the encryption software, but has no
teeth to stop Canadians from passing it on.

8. It loses sales for US companies.

see
http://java.sun.com/javase/technologies/security/#UnlimitedDownload
for add on to improve JCE encryption strength.
--
Roedy Green Canadian Mind Products
http://mindprod.com
Your old road is
Rapidly agin'.
Please get out of the new one
If you can't lend your hand
For the times they are a-changin'.