Re: Java Security
From: Michel Gallant (neutron_at_NOSPAMistar.ca)
Date: 03/28/05
- Next message: Jim: "JavaMail - Outlook Forms"
- Previous message: Darryl Pierce: "Re: J2ME, Canvas, CommandListener."
- In reply to: Michael Amling: "Re: Java Security"
- Next in thread: Robert Angelino: "Re: Java Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 28 Mar 2005 10:41:36 -0500
"Michael Amling" <nospam@nospam.com> wrote in message news:ntU1e.18737$IY6.4609@newssvr31.news.prodigy.com...
> James wrote:
> > Hi all,
> >
> > My company is trying to decide make a platform desicion between
> > C++/Java. I am in favor of Java however I am compelled to answer a
> > question yet I am unable to find a solution.
> >
> > The problem is as follows: The application will have a two secret keys
> > (A 128 bit constants) and a public encryption algorihtm (AES). It will
> > encrypt some data offline and send via public methods to some other
> > place at a later time(not our server). Obviously, the security of this
> > data is extremely important. (A financial application). Application
> > will only be provided to trusted entities therefore I don't have to go
> > thru authentication. (ie. verify the sender)
> >
> > Our concern is one could decompile the Java class files and see what
> > these constants are and hence break the whole system. I have checked
> > out various solutions to see how can we avoid this issue and not yet
> > come up with a 100% secure solution.
> >
> > Obsfucation doesn't work as it doesn't really hide the constants.
> >
> > Encyrption of the constants: If we did this, someone can enrypt these
> > constantants. This solution is nothing more than adding another layer
> > to the difficulty. (We can pick a private algorithm but decompiling
> > would expose algorithm)
>
> This is a classic problem. How could C++ solve it any better than Java?
>
> Have you considered public key cryptography? A program need not be
> capable of hiding a secret to send data confidentially to a recipient
> with a known public key. Basically, Alice knows Bob's public key. Alice
> encrypts the data with a secret key selected at random at runtime. Alice
> sends the random secret key, encrypted with Bob's public key, along with
> the ciphertext. Bob can recover the random secret key using the private
> key that corresponds to his public key and with the random secret key in
> hand, can decrypt the ciphertext.
>
> --Mike Amling
This concept of generating a random symmetric key for bulk encryption,
and encrypting that secret symmetric key with the public key of recipient(s)
is called "enveloping".
A pkcs standard called EnvelopedData encapsulates the various bits (symmetric
encrypted blob, RSA-encrypted symmetric key and recipient certificate .. etc..).
EnvelopedData structures are further encapsulated into common secure email
S/MIME formats, which makes sending encrypted files (granted with size limitations by email
attachment restrictions) really simple.
Currently Java does not support these encapsulations so you need to use 3rd
party support. e.g. here is Bouncy Castle sample:
http://www.jensign.com/JavaScience/javacrypto
or of course, you can roll your own custom format (which can expose other security
problems!)
- Mitch Gallant
www.jensign.com
- Next message: Jim: "JavaMail - Outlook Forms"
- Previous message: Darryl Pierce: "Re: J2ME, Canvas, CommandListener."
- In reply to: Michael Amling: "Re: Java Security"
- Next in thread: Robert Angelino: "Re: Java Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
