2 replies Latest Post - ‏2012-07-13T06:54:20Z by willey
MoreThanAir

Question in the encryption example with the IV

‏2012-07-09T11:46:14Z |
Hi, all

I'm studying 'Java Security' by Jess Garms. I'm looking into the sample code, and found something difficult to understand.

These are two methods: encryption and decryption.

    private static void encrypt(char[] password, String fileInput,
            String fileOutput) throws Exception {
        System.out.println("Loading the key.");
        Key key = loadKey(password);
        System.out.println("Loaded the key.");

        Cipher cipher = Cipher.getInstance("Rijndael/CBC/PKCS5Padding");
        System.out.println("Initializing SecureRandom...");

        // Generate a random 16-byte IV (one cipher block)
        SecureRandom random = new SecureRandom();
        byte[] iv = new byte[16];
        random.nextBytes(iv);

        FileInputStream fis = new FileInputStream(fileInput);
        FileOutputStream fos = new FileOutputStream(fileOutput);

        // Write the IV to the underlying file stream
        fos.write(iv);
        IvParameterSpec spec = new IvParameterSpec(iv);
        System.out.println("Initializing the cipher");
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);

        // Wrap the file stream in a cipher stream
        CipherOutputStream cos = new CipherOutputStream(fos, cipher);

        System.out.println("Encrypting the file...");
        int theByte = 0;
        while ((theByte = fis.read()) != -1) {
            cos.write(theByte);
        }
        fis.close();
        cos.close();
    }

    private static void decrypt(char[] password, String fileInput,
            String fileOutput) throws Exception {
        System.out.println("Loading the key.");
        Key key = loadKey(password);
        System.out.println("Loaded the key.");

        Cipher cipher = Cipher.getInstance("Rijndael/CBC/PKCS5Padding");

        FileInputStream fis = new FileInputStream(fileInput);
        FileOutputStream fos = new FileOutputStream(fileOutput);

        // Read the first 16 bytes of the input file into iv
        byte[] iv = new byte[16];
        fis.read(iv);

        IvParameterSpec spec = new IvParameterSpec(iv);
        System.out.println("Initializing the cipher.");
        cipher.init(Cipher.DECRYPT_MODE, key, spec);

        // Wrap the file stream in a cipher stream
        CipherInputStream cis = new CipherInputStream(fis, cipher);
        System.out.println("Decrypting the file...");

        int theByte = 0;
        while ((theByte = cis.read()) != -1) {
            fos.write(theByte);
        }
        cis.close();
        fos.close();
    }

In the encryption method, a 16-byte IV is retrieved with the random function. It is written to 'fos', not encrypted.
The whole file including the 'IV' is encrypted in 'CipherOutputStream cos = new CipherOutputStream(fos, cipher);'
I mean the first 16 bytes of the encrypted file are the 'IV', and the IV is also encrypted.

In the decryption method, a 16-byte IV is read from 'fis', and I expect the IV is still encrypted.
However, IvParameterSpec is initialized with this encrypted 16-byte IV.

My question is that we initialized IvParameterSpec with the not encrypted IV in the encryption method,
but we initialized IvParameterSpec with the encrypted IV in the decryption method.

It's weird... How can we guarantee that these two IvParameterSpec are the same? (initialized with two different IVs: encrypted and not encrypted)

Please tell me if I have misunderstood...
  • MoreThanAir

    Re: Question in the encryption example with the IV

    ‏2012-07-09T12:03:47Z  in response to MoreThanAir
    I totally forgot about the file pointer. How stupid I am...
  • willey

    Re: Question in the encryption example with the IV

    ‏2012-07-13T06:54:20Z  in response to MoreThanAir
    The file pointer is a deep, in-depth thing in Java, and I would like to be a part of this discussion.

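The file-pointer point the thread arrives at, as an added example (not code from the book or from any poster): bytes written to the underlying stream before it is wrapped in a CipherOutputStream bypass the cipher, so the IV sits unencrypted in the first 16 bytes and decryption reads back exactly the same value. Assumptions: the standard JCE name "AES/CBC/PKCS5Padding" stands in for the thread's "Rijndael/CBC/PKCS5Padding", a freshly generated key stands in for loadKey(password), in-memory streams stand in for the files, and the class name IvPrefixDemo is hypothetical.

```java
import javax.crypto.*;
import javax.crypto.spec.IvParameterSpec;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class IvPrefixDemo {
    public static void main(String[] args) throws Exception {
        // Assumption: a fresh random AES key replaces the thread's loadKey(password).
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        byte[] plaintext = "constructed sample plaintext".getBytes(StandardCharsets.UTF_8);

        // Encrypt: the IV goes to the raw stream BEFORE the cipher stream wraps it.
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        ByteArrayOutputStream raw = new ByteArrayOutputStream();
        raw.write(iv);                      // bypasses the cipher, stored in the clear
        Cipher enc = Cipher.getInstance("AES/CBC/PKCS5Padding");
        enc.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        try (CipherOutputStream cos = new CipherOutputStream(raw, enc)) {
            cos.write(plaintext);           // only these bytes pass through the cipher
        }
        byte[] file = raw.toByteArray();

        // The first 16 bytes of the output are the IV, byte for byte.
        boolean ivInClear = Arrays.equals(iv, Arrays.copyOfRange(file, 0, 16));
        System.out.println("IV stored in clear: " + ivInClear);

        // Decrypt: consume the 16 IV bytes from the raw stream, then wrap the rest.
        DataInputStream in = new DataInputStream(new ByteArrayInputStream(file));
        byte[] ivRead = new byte[16];
        in.readFully(ivRead);               // unlike read(byte[]), never returns a short read
        Cipher dec = Cipher.getInstance("AES/CBC/PKCS5Padding");
        dec.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ivRead));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try (CipherInputStream cis = new CipherInputStream(in, dec)) {
            byte[] buf = new byte[4096];
            for (int n; (n = cis.read(buf)) != -1; ) out.write(buf, 0, n);
        }
        System.out.println("round trip ok: " + Arrays.equals(plaintext, out.toByteArray()));
    }
}
```

In CBC mode the IV only needs to be unpredictable and unique per message, not secret, which is why storing it in the clear ahead of the ciphertext is the usual layout.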