Password choice for PBE

Hi everybody,

I'm writing a little web project which is writing encrypted texts into a database using PBE (with Jasypt packages) and displaying it decrypted. I'm using "PBEWITHSHA256AND256BITAES-CBC-BC" (BouncyCastleProvider).

Everything is working fine, but I have a question regarding the password which is used to generate the key.

How can I make sure that my password is complex enough to make real use of the 256-bit AES?

The password is saved as cleartext in my Java code because I have to decrypt the texts as well.

The second question is whether it is common to "store" the password as cleartext in my web application, or are there other, more secure ways to do it?

Sorry for my bad English.

Greetings, Philipp

r0ckaa at 2007-11-27 5:52:37
# 1

Don't worry about your English, Philipp; you're getting your meaning across :-).

David Hook - the creator of BouncyCastle - wrote in his book that you have to question the effectiveness of your encryption if you're using strong ciphers like 3DES or AES-256, but using weak passwords to protect the symmetric keys. His point - and every experienced security practitioner's - is that the overall security of a system is ultimately dependent on the weakest link in the chain. And in PBE, the typical weak link is the password and how you protect that password.

I would encourage you to do the following:

1) Write - or look up - a password routine that requires strong passwords (a combination of alpha, numeric and special characters);

2) Not store the password in a file at all, but have the Servlet/J2EE container prompt for the password upon startup. If the business requirements will not allow for an SA to supply the password upon startup (because they want an automatic restart), then make it clear that the system has a residual vulnerability that can potentially be exploited by an attacker who compromises the machine.

You cannot have an automatic restart of an application with cryptography modules in it, and robust security at the same time. You have to protect that weak link in the chain using an external process or control. Businesses need to understand this. As long as security programmers and practitioners keep delivering code/systems that give the impression of security without actually providing it, the bad guys always win.

arshad.noora at 2007-7-12 15:43:59
# 2

Hi arshad.noor

Thank you for answering my question. I finally think about using the password for en/decrypting like a PIN for online banking, because we already have an authentication system using j_security_check.

I think to do it in a way like this:

1. user authenticates (username/password) --> is saved as hash in .properties files (there're just 3 people who have access)

the communication is encrypted via SSL (server-side certificate)

2. before the user wants to read/write the database he has to enter the password which is used to en/decrypt the text

Does this make sense?

Greetings

Philipp

r0ckaa at 2007-7-12 15:44:00
# 3

Sounds workable - as long as you don't forget to use a salt, reasonable number of iterations in the computation and a strong password to generate the hash.

arshad.noora at 2007-7-12 15:44:00