keeping a password really secret

Hi all.

I have a piece of code where I need to use a password, but I would like to avoid that someone editing the .class file can see it.

```java
// ...
KeyStore ks = KeyStore.getInstance("PKCS12");
InputStream is = new FileInputStream("c:\\temp\\ksb_cred.p12");
ks.load(is, "password".toCharArray()); // the literal ends up in the .class file
// ...
```

What options do I have to keep "password" not visible and difficult to trace?

1) Keeping it in a file and loading it when necessary?

2) Using some sort of base64 encoded string of the pass in the code?

3) Making my own crypt and decrypt functions to handle the password?

Please advise.

Thank you.

By noe.rochaa at 2007-11-26 22:42:28
# 1
Keep it only in your brain.
sabre150a at 2007-7-10 11:58:01 > top of Java-index,Java Essentials,Java Programming...
# 2

> 1?Keeping it in a file and load it when necessary?

Keeping it in a file is more insecure than keeping it in memory. If you encrypt it to file, then you're safe most of the time. You'll probably be looking for a simple two-way key-based encryption scheme.

> 2) Using some sort of base64 encoded string of the pass in the code?

Base64 is not (I repeat) not encryption. It is an encoding scheme which can ensure that a blob of text can be passed on a URL string across the internet without fouling up a URL. It's really just intended to ensure that a binary blob can be expressed using printable ASCII characters.

> 3) Making my own crypt and decrypt functions to handle the password?

This is ill-advised if you really need to keep it safe. If you're a crypto expert (or aspiring to become one), feel free; crypto needs fresh faces. Otherwise, your algorithm will undoubtedly be broken by experts if put to the test. There's no need to write your own; there are many good algorithms out there, and most of them are accessible via Java libraries, if you look hard enough.

Here's a good tutorial if you know Java. You have to register with IBM to view it, but it's well worth it IMO:

http://www-128.ibm.com/developerworks/edu/j-dw-javasec1-i.html

kevjavaa at 2007-7-10 11:58:01
# 3

@ kevjava

>> You'll probably be looking for a simple two-way key-based encryption scheme.

If he's just trying to check the validity of a password (and not store a backup) then he wants the exact OPPOSITE of a two-way scheme.

@ op

If you want to check the validity of the password and not keep a backup of it, you can store the password's hash.

The way that works is that the password is hashed and then checked against what's on record. Ideally, the hash can NOT be reversed to get the password, so you store the hash, which is meaningless to anyone else, and it allows you to check whether the password entered is identical to the password stored in the hash.

TuringPesta at 2007-7-10 11:58:01
# 4
Thank you both. I'll try first something like this: combine some password that can be visible if anyone edits the file with something retrieved from the machine (some hardware id) and use it to recreate the true password I want. Is this a good approach?
noe.rochaa at 2007-7-10 11:58:01
# 5

> @ kevjava
>
> >> You'll probably be looking for a simple two-way key-based encryption scheme.
>
> If he's just trying to check the validity of a password (and not store a backup) then he wants the exact OPPOSITE of a two-way scheme.

You're right -- I didn't really think of that possibility. There are two scenarios. Consider a case where you're authenticating against a MySQL database on your computer. When you connect, you're going to need the actual password -- a hash code isn't going to do it, so in that situation you're going to need a two-way encryption if you want to keep your password safe.

Many websites, however, will store a hash code to re-authenticate you next time you visit the site. They'll take your password and mangle it with a one-way hash function, and maybe "salt" it with some predetermined string. Next time you authenticate, you'll provide that hash, and the distant server will mangle your password with the salt in that same way, and see if they match. If you're looking for a similar functionality set, a one-way hash is much more simple to implement and test.

Authentication isn't a simple thing. If you want real, honest security, there's no recourse other than to just learn how it works, and maybe see how other similar open-source applications handle the same situation.

kevjavaa at 2007-7-10 11:58:01
# 6

> Thank you both. I'll try first something like this: combine some password that can be visible if anyone edits the file with something retrieved from the machine (some hardware id) and use it to recreate the true password I want. Is this a good approach?

I still don't really know what you're authenticating against. Are you trying to encrypt a document, or authenticate against a database, or something completely different?

kevjavaa at 2007-7-10 11:58:01
# 7
I'm trying to open a keystore file (PKCS#12 file) and use it to sign documents.
noe.rochaa at 2007-7-10 11:58:01
# 8

> I'm trying to open a keystore file (PKCS#12 file) and use it to sign documents.

Oh. Then you will need that password, not a hash. And you will likely need to store it encrypted if you can't prompt for it. And that means you need the key somewhere, which is a rather sticky problem.

Good Luck

Lee

(not sure if you can use the "really secret" protocol here, you may have to settle for just "secret")

tsitha at 2007-7-10 11:58:01
# 9

> I'm trying to open a keystore file (PKCS#12 file) and use it to sign documents.

If you obfuscate the password with something found on the machine, then any user on the machine can do the same thing. You might do it with a machine id and a username; that might be good enough for casual storage of a password stored on the local machine, if the file is hidden to anyone that hasn't authenticated as that user. But that won't guard it in a super-secret fashion.

You're not going to be able to use a one-way hash function, though, if you need the plain text password... I think you're going to need a two-way encryption like RSA or Blowfish or the like.

kevjavaa at 2007-7-10 11:58:01
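An added example (not code from the thread) of the path posts #7, #8 and #9 converge on: the signer needs the real PKCS#12 password, so it is prompted for when a console exists and otherwise read from a file that the OS restricts to the service account, never compiled into the class. The `KS_PASSWORD_FILE` variable name, the alias argument and the SHA256withRSA choice (an RSA key in the .p12 is assumed) are assumptions made here.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.Arrays;
import java.util.Base64;

// Opens a PKCS#12 keystore for signing without the password being compiled into the class.
public final class KeystoreSigner {

    // Interactive run: prompt the operator, so the password never touches disk.
    // Unattended run: read it from the file named by KS_PASSWORD_FILE (assumed name),
    // which the OS must restrict to the account the signer runs as.
    static char[] obtainPassword() throws Exception {
        Console console = System.console();
        if (console != null) {
            return console.readPassword("Keystore password: ");
        }
        String file = System.getenv("KS_PASSWORD_FILE");
        if (file == null) {
            throw new IllegalStateException("no console and KS_PASSWORD_FILE not set");
        }
        byte[] raw = Files.readAllBytes(Paths.get(file));
        char[] password = new String(raw, StandardCharsets.UTF_8).trim().toCharArray();
        Arrays.fill(raw, (byte) 0);
        return password;
    }

    // Loads the private key under alias and returns a Base64 SHA256withRSA signature over document.
    static String sign(String p12Path, String alias, byte[] document) throws Exception {
        char[] password = obtainPassword();
        try (InputStream in = new FileInputStream(p12Path)) {
            KeyStore ks = KeyStore.getInstance("PKCS12");
            ks.load(in, password);
            PrivateKey key = (PrivateKey) ks.getKey(alias, password); // PKCS#12: store and key share the password
            Signature sig = Signature.getInstance("SHA256withRSA");
            sig.initSign(key);
            sig.update(document);
            return Base64.getEncoder().encodeToString(sig.sign());
        } finally {
            Arrays.fill(password, '\0'); // limit how long the secret sits in the heap
        }
    }

    public static void main(String[] args) throws Exception {
        // Usage: java KeystoreSigner c:\temp\ksb_cred.p12 <alias> <file-to-sign>
        byte[] document = Files.readAllBytes(Paths.get(args[2]));
        System.out.println(sign(args[0], args[1], document));
    }
}
```

Whoever can read the password file can still sign, which is the "turtles" point later in the thread; the file permissions and the service account are what the secret's protection reduces to.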
# 10

> > I'm trying to open a keystore file (PKCS#12 file) and use it to sign documents.
>
> If you obfuscate the password with something found on the machine, then any user on the machine can do the same thing. You might do it with a machine id and a username; that might be good enough for casual storage of a password stored on the local machine, if the file is hidden to anyone that hasn't authenticated as that user. But that won't guard it in a super-secret fashion.
>
> You're not going to be able to use a one-way hash function, though, if you need the plain text password... I think you're going to need a two-way encryption like RSA or Blowfish or the like.

Or, as I said earlier, just keep it in your brain! I wasn't just being flippant. There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.

sabre150a at 2007-7-10 11:58:01
# 11
Thank you for the advices.
noe.rochaa at 2007-7-10 11:58:01
# 12

[snip]

> There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.

It's turtles all the way down

tsitha at 2007-7-10 11:58:01
# 13

> [snip]
>
> > There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.
>
> It's turtles all the way down

I was getting there. I was just trying to explain that by trying to store a password locally, you could only make it less secure. I just didn't have the elegant five-word response that sabre did. :)

kevjavaa at 2007-7-10 11:58:01
# 14

> > [snip]
> >
> > > There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.
> >
> > It's turtles all the way down
>
> I was getting there. I was just trying to explain that by trying to store a password locally, you could only make it less secure. I just didn't have the elegant five-word response that sabre did. :)

Five words?

tsitha at 2007-7-10 11:58:01
# 15
> Five words?

I'm counting impaired today. :-)
kevjavaa at 2007-7-21 19:11:19
# 16

> There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.

That's not true. I think (maybe depending what you want to do) it can be done using special hardware. :-)

-Puce

Pucea at 2007-7-21 19:11:19
# 17
I don't know why you guys are keeping retinal scanning a secret from the OP. It is AN option. : )
TuringPesta at 2007-7-21 19:11:19
# 18
> I don't know why you guys are keeping retinal scanning a secret from the OP. It is AN option. : )

I think the new Thinkpads come with a fingerprint reader. Don't know if there's a Java library for them, though ;-).
kevjavaa at 2007-7-21 19:11:19
# 19

> > I don't know why you guys are keeping retinal scanning a secret from the OP. It is AN option. : )
>
> I think the new Thinkpads come with a fingerprint reader. Don't know if there's a Java library for them, though ;-).

A friend had a thumb drive with a built in fingerprint reader. I was able to mount it on my linux box and read the data directly.

(I'm sure there are better implementations that encrypt the data rather than just prevent windows from mounting it)

tsitha at 2007-7-21 19:11:19
# 20

> A friend had a thumb drive with a built in fingerprint reader. I was able to mount it on my linux box and read the data directly.

That's really bad, lol.

> (I'm sure there are better implementations that encrypt the data rather than just prevent windows from mounting it)

You'd think they would ALL have that implementation!

TuringPesta at 2007-7-21 19:11:20
# 21

Here is a base64 encoder I've used in the past to make my plain-text passwords not easily readable:

http://www.mk.dreamhosters.com/code/atg-dynamo-logger/src/dynlogger/Encoder.java

Remember, it can be easily "decrypted" by anyone, but it's good enough to use if all you want to do is make sure no one sees your password in plain text in a document.

mkoryaka at 2007-7-21 19:11:20
# 22
> Thank you for the advices.

It should be advice and not advices. =))
qUesT_foR_knOwLeDgea at 2007-7-21 19:11:20
# 23
> > Thank you for the advices.
>
> It should be advice and not advices. =))

Why? Is it a semantic or sintaxe error?
noe.rochaa at 2007-7-21 19:11:20
# 24

> > > Thank you for the advices.
> >
> > It should be advice and not advices. =))
>
> Why? Is it a semantic or sintaxe error?

'Advice', in English, is a non-count noun, meaning that it is not pluralized by adding an 's' at the end.

kevjavaa at 2007-7-21 19:11:20
# 25
Well, English is not my mother language, but that shouldn't be an excuse to write correctly. I shall remember that in future conversations.
noe.rochaa at 2007-7-21 19:11:20
# 26

> Well, English is not my mother language, but that shouldn't be an excuse to write correctly. I shall remember that in future conversations.

Thanks for trying, I genuinely do appreciate that. Your English, by the way, is better than some of the native speakers I deal with on a day-to-day basis.

kevjavaa at 2007-7-21 19:11:20
# 27

> > There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.
>
> That's not true. I think (maybe depending what you want to do) it can be done using special hardware. :-)

It amounts to the same thing: You need a human to provide some input that supposedly only that individual can supply.

jverda at 2007-7-21 19:11:20
# 28
noe, your English is good. Don't worry about it. However, "sintaxe" is actually "syntax".
TuringPesta at 2007-7-21 19:11:20
# 29

> > > There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.
> >
> > That's not true. I think (maybe depending what you want to do) it can be done using special hardware. :-)
>
> It amounts to the same thing: You need a human to provide some input that supposedly only that individual can supply.

Well, the class that signs has no interaction with humans. It just receives a document and signs it.

noe.rochaa at 2007-7-21 19:11:20
# 30

> noe, your English is good. Don't worry about it.
>
> However, "sintaxe" is actually "syntax".

I saw that coming, but there's no edit option after posting.

lol, in Portuguese "syntax" is spelled "sintaxe".

Just found it...

Message was edited by: noe.rocha

noe.rochaa at 2007-7-21 19:11:25
# 31

> > > > There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.
> > >
> > > That's not true. I think (maybe depending what you want to do) it can be done using special hardware. :-)
> >
> > It amounts to the same thing: You need a human to provide some input that supposedly only that individual can supply.
>
> Well, the class that signs has no interaction with humans. It just receives a document and signs it.

I'm not sure what you're saying here, but it was already pointed out: Encrypting something with a password that comes from anywhere but a human is ultimately the same as not encrypting it. The password has to be stored somewhere, so I can just read that and use it. If you encrypt the password, then something has to be able to unencrypt that. And so on.

Whether a user scans his thumbprint or speaks a phrase or types in a password or clicks buttons in a certain order, it's all the same thing--the authorization comes from a human. If not, don't bother having any encryption.

jverda at 2007-7-21 19:11:25
# 32
> lol, in Portuguese "syntax" is spelled "sintaxe".

Portuguese is the greatest language ever. My grandma gets mad at me when I say that because she's Colombian. "What's wrong with Spanish?" she says, lol.
TuringPesta at 2007-7-21 19:11:25
# 33
I understand Spanish very well too, but Portuguese and Spanish are not that similar.
noe.rochaa at 2007-7-21 19:11:25
# 34

> > There is no way that the password can be kept secret on a computer unless protected by another password or key. At which point do you stop? A password protected by a password protected by a password etc etc etc.
>
> That's not true. I think (maybe depending what you want to do) it can be done using special hardware. :-)

Not really! If one has special hardware then something has to 'unlock' it or anyone could use it.

sabre150a at 2007-7-21 19:11:25
# 35

> > I don't know why you guys are keeping retinal scanning a secret from the OP. It is AN option. : )
>
> I think the new Thinkpads come with a fingerprint reader. Don't know if there's a Java library for them, though ;-).

I partially remember a quote about fingerprint and iris authentication but I can't find a reference. I think it was by Bruce Schneier but it might just have been quoted by him - "one can always change one's password but one will find it difficult to change one's fingerprints or iris". If anyone can point me at a reference to this ...

sabre150a at 2007-7-21 19:11:25
# 36

> I partially remember a quote about
>
> If anyone can point me at a reference to this ...

Someone needs to tell Google to start work immediately on fuzzy, hung-over, sort-of-remember searches...

" ~change ~password ~fingerprints ~iris ...and I was eating Chinese food at the time"

: )

TuringPesta at 2007-7-21 19:11:25